Page MenuHomeFreeBSD
Differential D4016

www/varnish4: fix race condition on start, new features
ClosedPublic
Actions

Authored by feld on Oct 27 2015, 4:41 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Apr 24, 6:19 PM
Unknown Object (File)
Wed, Apr 24, 5:55 PM
Unknown Object (File)
Mar 22 2024, 11:03 PM
Unknown Object (File)
Mar 8 2024, 2:02 PM
Unknown Object (File)
Feb 21 2024, 7:17 PM
Unknown Object (File)
Feb 21 2024, 5:36 PM
Unknown Object (File)
Feb 21 2024, 10:38 AM
Unknown Object (File)
Feb 20 2024, 4:03 PM
View All Files
Subscribers
mat

Details

Reviewers
peter
Commits
rP400701: www/varnish4: Fix race condition on start
Summary

Fix race condition by removing _.vsm on start

  • varnishncsa and varnishlog wait for this file before starting.
  • varnishd does not clean this up which causes them to think varnishd is successfully running. This causes them to fail to start.

Fix default description of varnishd_flags

Add a "configtest" option to test your configuration

Run configtest in start_precmd to ensure config is good before starting

  • This provides good positive feedback to the user and clearly points out which config they are using

Run configtest before restarting to ensure config is good

  • Prevent foot-shooting

Add a "reload" option to reload your VCL file

  • It does a configtest to make sure you don't break your running service. More foot protection.

Install pid files on first-run as mode 644 instead of default 775.

Install log files on first-run as mode 640 instead of default 775.

Diff Detail

Repository
rP FreeBSD ports repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

feld updated this revision to Diff 9739.Oct 27 2015, 4:41 PM
feld retitled this revision from to www/varnish4: fix race condition on start, new features.
feld updated this object.
feld edited the test plan for this revision. (Show Details)
feld added a reviewer: peter.
feld updated this revision to Diff 9740.Oct 27 2015, 4:49 PM

add "restart_precmd" to run the configtest

Don't allow a restart unless the VCL config is valid

feld updated this object.Oct 27 2015, 4:51 PM
feld updated this object.Oct 27 2015, 4:54 PM
feld updated this revision to Diff 9741.Oct 27 2015, 4:55 PM

Mode 664 -> 644 for pid files

feld added inline comments.Oct 27 2015, 7:40 PM
www/varnish4/files/varnishd.in
128 ↗(On Diff #9741)

I think this is OK.

https://www.varnish-cache.org/docs/trunk/reference/vsm.html

We do not yet support multiple varnish instances via rc script (-n foo instead of $(hostname) ), but if we did this is easily updated to handle that.

mat added a subscriber: mat.Oct 28 2015, 1:14 PM
mat added inline comments.
www/varnish4/files/varnishd.in
44 ↗(On Diff #9741)

So, if varnishd_config is unset you add -f ${varnishd_config} to the command line ? this feels wrong.

feld added inline comments.Oct 28 2015, 1:16 PM
www/varnish4/files/varnishd.in
44 ↗(On Diff #9741)

oh, these descriptions are swapped. I'll fix, thanks!

feld updated this revision to Diff 9768.Oct 28 2015, 1:18 PM

Fix varnishd_flags description: varnishd_config set vs unset examples were swapped

feld marked an inline comment as done.Oct 28 2015, 1:19 PM

fixed swapped descriptions

mat added inline comments.Oct 28 2015, 2:03 PM
www/varnish4/files/varnishncsa.in
62 ↗(On Diff #9768)

Why 664 ?

feld updated this revision to Diff 9770.Oct 28 2015, 3:27 PM

Log files should be 640 by default

feld marked an inline comment as done.Oct 28 2015, 3:28 PM
feld added inline comments.
www/varnish4/files/varnishncsa.in
62 ↗(On Diff #9770)

good catch. I intended this to be 640 so users in the varnish group could read the logs, but they're not world-readable.

feld updated this object.Oct 28 2015, 3:41 PM
feld updated this revision to Diff 9784.Oct 29 2015, 2:09 PM
feld marked an inline comment as done.

varnishlog and varnishncsa have a built-in "wait for varnishd" via -t

setting "-t 0" will allow them to wait indefinitely for varnishd to attach
to the _.vsm file

feld updated this revision to Diff 9785.Oct 29 2015, 2:15 PM

I misread the docs.

-t 0 tries once and fails immediately.
-t off tries indefinitely.

feld marked an inline comment as done.Oct 29 2015, 2:16 PM
feld updated this revision to Diff 9786.Oct 29 2015, 2:20 PM

rc script docs for varnishlog_flags and varnishncsa_flags didn't match
reality

mat added inline comments.Oct 29 2015, 3:07 PM
www/varnish4/files/varnishncsa.in
28 ↗(On Diff #9786)

A small reminder, this does not work ?

feld updated this revision to Diff 9796.Oct 29 2015, 5:16 PM

remove _.vsm wait code for varnishncsa rc script, too

feld updated this revision to Diff 9804.Oct 29 2015, 7:22 PM

Fix ability to specify varnishncsa_logformat

Due to shell quoting hell that comes from rc.subr combined with
$name_user="" privilege dropping feature there's no way to get
varnishncsa_logformat to work. The solution is to lean on daemon(8) to
handle starting the process with the right uid. This will permit us to
pass escaped quotes through as an argument and preserve the entire
string.

As a result, do the same for varnishlog for consistency.

The privsep was a new feature and there's not a great reason for general
users to require the ability to change UID that the daemons run as.

feld marked 3 inline comments as done.Oct 29 2015, 7:24 PM

I think all concerns have been addressed. Please test if you can!

Macro doitllive:

feld updated this revision to Diff 9821.Oct 30 2015, 1:01 PM

I missed removing $varnishlog_user and $varnishncsa_user from the
install commands in start_precmd

Closed by commit rP400701: www/varnish4: Fix race condition on start (authored by feld). · Explain WhyNov 3 2015, 3:09 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
www/
varnish4/
2 lines
files/
53 lines
39 lines
39 lines

Diff 9906

View Options

head/www/varnish4/Makefile

Loading...
View Options

head/www/varnish4/files/varnishd.in

Loading...
View Options

head/www/varnish4/files/varnishlog.in

Loading...
View Options

head/www/varnish4/files/varnishncsa.in

Loading...