Puppet Class: varnish

Defined in:

manifests/init.pp

Summary

Installs and configures Varnish.

Overview

Examples:

Installs Varnish

# enables Varnish service
# uses default VCL '/etc/varnish/default.vcl'
include varnish

Installs Varnish with custom options

# sets Varnish to listen on port 80
# storage size is set to 2 GB
# vcl file is '/etc/varnish/my-vcl.vcl'
class { 'varnish':
  varnish_listen_port  => 80,
  varnish_storage_size => '2G',
  varnish_vcl_conf     => '/etc/varnish/my-vcl.vcl',
}

Parameters:

• service_ensure (Stdlib::Ensure::Service) (defaults to: 'running') —

  Ensure for varnishservice

• service_enable (Boolean) (defaults to: true) —

  If Service should be enabled

• reload_vcl (Boolean) (defaults to: true) —

  V4 paramter if Varnish will be reloaded - deprecated Will be removed when support for RHEL7 is dropped

• nfiles (String) (defaults to: '131072') —

  passed to varnish conf-file

• memlock (String) (defaults to: '100M') —

  passed to varnish conf-file

• storage_type (String) (defaults to: 'malloc') —

  which storage will be used for varnish - default malloc

• varnish_vcl_conf (Stdlib::Absolutepath) (defaults to: '/etc/varnish/default.vcl') —

  path to main vcl file

• varnish_user (String) (defaults to: 'varnish') —

  passed to varnish-conf

• varnish_jail_user (Optional[String]) (defaults to: undef) —

  passed to varnish-conf

• varnish_group (String) (defaults to: 'varnish') —

  passed to varnish-conf

• varnish_listen_address (Optional[String[1]]) (defaults to: undef) —

  Address varnish will bind to - default ”

• varnish_listen_port (Stdlib::Port) (defaults to: 6081) —

  port varnish wil bind to

• varnish_proxy_listen_address (String) (defaults to: '127.0.0.1') —

  address varnish binds to in proxy mode

• varnish_proxy_listen_port (Optional[Stdlib::Port]) (defaults to: undef) —

  port varnish binds to in proxy mode

• varnish_proxy_listen_socket (Optional[Stdlib::Absolutepath]) (defaults to: undef) —

  socket varnish binds to in proxy mode

• varnish_proxy_listen_socket_mode (Stdlib::Filemode) (defaults to: '666') —

  Filemode for socket varnish binds to in proxy mode

• varnish_admin_listen_address (String) (defaults to: 'localhost') —

  address varnish binds to in admin mode

• varnish_admin_listen_port (Stdlib::Port) (defaults to: 6082) —

  port varnish binds to in admin mode

• varnish_min_threads (String) (defaults to: '5') —

  minumum no of varnish worker threads

• varnish_max_threads (String) (defaults to: '500') —

  maximum no of varnish worker threads

• varnish_thread_timeout (String) (defaults to: '300')
• varnish_storage_size (String) (defaults to: '1G') —

  defines the size of storage (depending of storage_type)

• varnish_secret_file (Stdlib::Absolutepath) (defaults to: '/etc/varnish/secret') —

  path to varnish secret file

• varnish_storage_file (Stdlib::Absolutepath) (defaults to: '/var/lib/varnish-storage/varnish_storage.bin') —

  defines the filepath of storage (depending of storage_type)

• mse_config (Optional[String[1]]) (defaults to: undef) —

  MSE Config, see docs.varnish-software.com/varnish-cache-plus/features/mse/

• mse_config_file (Stdlib::Absolutepath) (defaults to: '/etc/varnish/mse.conf') —

  filepath where mse config file will be stored

• varnish_ttl (String) (defaults to: '120') —

  default ttl for items

• varnish_enterprise (Boolean) (defaults to: false) —

  passed to varnish::install

• varnish_enterprise_vmods_extra (Boolean) (defaults to: false) —

  passed to varnish::install

• vcl_dir (Optional[Stdlib::Absolutepath]) (defaults to: undef) —

  dir where varnish vcl will be stored

• shmlog_dir (Stdlib::Absolutepath) (defaults to: '/var/lib/varnish') —

  location for shmlog

• shmlog_tempfs (Boolean) (defaults to: true) —

  mounts shmlog directory as tmpfs

• version (String[1]) (defaults to: present) —

  passed to puppet type ‘package’, attribute ‘ensure’

• add_repo (Boolean) (defaults to: false) —

  if set to false (defaults to true), the yum/apt repo is not added

• manage_firewall (Boolean) (defaults to: false) —

  passed to varnish::firewall

• varnish_conf_template (String[1]) (defaults to: 'varnish/varnish-conf.erb') —

  Template that will be used for varnish conf

• conf_file_path (Stdlib::Absolutepath) (defaults to: '/etc/varnish/varnish.params') —

  path where varnish conf will be stored

• additional_parameters (Hash) (defaults to: {}) —

  additional parameters that will be passed to varnishd with -p

• default_version (Integer) (defaults to: 6) —

  Default major version of Varnish for that OS release

• add_hitch (Boolean) (defaults to: false) —

  Add varnish::hitch class to install hitch

• add_ncsa (Boolean) (defaults to: false) —

  Add varnish::ncsa class to install varnishncsa Service

# File 'manifests/init.pp', line 101

class varnish (
  Stdlib::Ensure::Service $service_ensure               = 'running',
  Boolean               $service_enable               = true,
  Boolean               $reload_vcl                   = true,
  String                $nfiles                       = '131072',
  String                $memlock                      = '100M',
  String                $storage_type                 = 'malloc',
  Stdlib::Absolutepath  $varnish_vcl_conf             = '/etc/varnish/default.vcl',
  String                $varnish_user                 = 'varnish',
  Optional[String]      $varnish_jail_user            = undef,
  String                $varnish_group                = 'varnish',
  Optional[String[1]]   $varnish_listen_address       = undef,
  Stdlib::Port          $varnish_listen_port          = 6081,
  String                $varnish_proxy_listen_address       = '127.0.0.1',
  Optional[Stdlib::Port]  $varnish_proxy_listen_port          = undef,
  Optional[Stdlib::Absolutepath] $varnish_proxy_listen_socket = undef,
  Stdlib::Filemode $varnish_proxy_listen_socket_mode = '666',
  String                $varnish_admin_listen_address = 'localhost',
  Stdlib::Port $varnish_admin_listen_port    = 6082,
  String $varnish_min_threads          = '5',
  String $varnish_max_threads          = '500',
  String $varnish_thread_timeout       = '300',
  String $varnish_storage_size         = '1G',
  Stdlib::Absolutepath $varnish_secret_file          = '/etc/varnish/secret',
  Stdlib::Absolutepath $varnish_storage_file         = '/var/lib/varnish-storage/varnish_storage.bin',
  Optional[String[1]] $mse_config = undef,
  Stdlib::Absolutepath $mse_config_file = '/etc/varnish/mse.conf',
  String $varnish_ttl                  = '120',
  Boolean $varnish_enterprise   = false,
  Boolean $varnish_enterprise_vmods_extra = false,
  Optional[Stdlib::Absolutepath] $vcl_dir                      = undef,
  Stdlib::Absolutepath $shmlog_dir                   = '/var/lib/varnish',
  Boolean $shmlog_tempfs                = true,
  String[1] $version                      = present,
  Boolean $add_repo             = false,
  Boolean $manage_firewall      = false,
  String[1] $varnish_conf_template        = 'varnish/varnish-conf.erb',
  Stdlib::Absolutepath $conf_file_path  = '/etc/varnish/varnish.params',
  Hash $additional_parameters        = {},
  Integer $default_version = 6,
  Boolean $add_hitch = false,
  Boolean $add_ncsa = false,
) {
  $major_version = $version ? {
    /(\d+)\./ => "${1}",
    default => $default_version,
  }

  Class['varnish::install'] -> Class['varnish::service']
  # install Varnish
  class { 'varnish::install':
    add_repo                       => $add_repo,
    manage_firewall                => $manage_firewall,
    varnish_listen_port            => $varnish_listen_port,
    version                        => $version,
    varnish_enterprise             => $varnish_enterprise,
    varnish_enterprise_vmods_extra => $varnish_enterprise_vmods_extra,
  }

  # enable Varnish service
  include varnish::service

  if($add_hitch) {
    contain varnish::hitch
  }

  #Allow to add Varnishncsa from base class
  if($add_ncsa) {
    contain varnish::ncsa
  }

  # mount shared memory log dir as tempfs
  if $shmlog_tempfs {
    class { 'varnish::shmlog':
      shmlog_dir => $shmlog_dir,
      require    => Package['varnish'],
    }
  }

  # Handle MSE Config
  if $storage_type == 'mse' and $mse_config {
    file { 'varnish-mse-conf':
      ensure  => file,
      path    => $mse_config_file,
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
      content => $mse_config,
      require => Package['varnish'],
      notify  => Service['varnish'],
    }
    ~> exec { 'varnish-mkfs-mse':
      command     => "mkfs.mse -c ${mse_config_file} -f",
      refreshonly => true,
      path        => [
        '/usr/local/sbin',
        '/usr/local/bin',
        '/usr/sbin',
        '/usr/bin',
        '/sbin',
        '/bin',
      ],
    }
  }

  # varnish config file
  file { 'varnish-conf':
    ensure  => file,
    path    => $conf_file_path,
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => template($varnish_conf_template),
    require => Package['varnish'],
    notify  => Service['varnish'],
  }

  # storage dir
  $varnish_storage_dir = regsubst($varnish_storage_file, '(^/.*)(/.*$)', '\1')
  file { 'storage-dir':
    ensure  => directory,
    path    => $varnish_storage_dir,
    require => Package['varnish'],
  }
}