Skip to content

varnish: set the backend_hint as soon as possible

The backend needs to be set for all requests that are eventually going to be proxied; This includes piped requests, e.g. for websockets.

Setting the backend hint early will avoid us forgetting to set it :-)

Related to T4191

Test Plan

Tested switching the backend_hint and return (pipe) operations on the live server, and the websocket got routed properly.

octocatalog-diff output:

*** Running octocatalog-diff on host rp1.internal.admin.swh.network
I, [2022-04-27T14:25:01.801042 #338676]  INFO -- : Catalogs compiled for rp1.internal.admin.swh.network
I, [2022-04-27T14:25:02.147651 #338676]  INFO -- : Diffs computed for rp1.internal.admin.swh.network
diff origin/production/rp1.internal.admin.swh.network current/rp1.internal.admin.swh.network
*******************************************
  File[/etc/varnish/includes/50_vhost_grafana.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -14,9 +14,10 @@
                   return(synth(850, "Moved permanently"));
               } else {
      +            set req.backend_hint = grafana;
      +
                   if (req.http.upgrade ~ "(?i)websocket") {
                       return (pipe);
                   }
                   set req.http.X-Forwarded-Proto = "https";
      -            set req.backend_hint = grafana;
               }
           }
*******************************************
  File[/etc/varnish/includes/50_vhost_hedgedoc.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -14,9 +14,10 @@
                   return(synth(850, "Moved permanently"));
               } else {
      +            set req.backend_hint = hedgedoc;
      +
                   if (req.http.upgrade ~ "(?i)websocket") {
                       return (pipe);
                   }
                   set req.http.X-Forwarded-Proto = "https";
      -            set req.backend_hint = hedgedoc;
               }
           }
*******************************************
  File[/etc/varnish/includes/50_vhost_sentry.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -14,6 +14,7 @@
                   return(synth(850, "Moved permanently"));
               } else {
      -            set req.http.X-Forwarded-Proto = "https";
                   set req.backend_hint = sentry;
      +
      +            set req.http.X-Forwarded-Proto = "https";
               }
           }
*******************************************
  Profile::Varnish::Vcl_include[vhost_grafana.softwareheritage.org] =>
   parameters =>
     content =>
      @@ -14,9 +14,10 @@
                   return(synth(850, "Moved permanently"));
               } else {
      +            set req.backend_hint = grafana;
      +
                   if (req.http.upgrade ~ "(?i)websocket") {
                       return (pipe);
                   }
                   set req.http.X-Forwarded-Proto = "https";
      -            set req.backend_hint = grafana;
               }
           }
*******************************************
  Profile::Varnish::Vcl_include[vhost_hedgedoc.softwareheritage.org] =>
   parameters =>
     content =>
      @@ -14,9 +14,10 @@
                   return(synth(850, "Moved permanently"));
               } else {
      +            set req.backend_hint = hedgedoc;
      +
                   if (req.http.upgrade ~ "(?i)websocket") {
                       return (pipe);
                   }
                   set req.http.X-Forwarded-Proto = "https";
      -            set req.backend_hint = hedgedoc;
               }
           }
*******************************************
  Profile::Varnish::Vcl_include[vhost_sentry.softwareheritage.org] =>
   parameters =>
     content =>
      @@ -14,6 +14,7 @@
                   return(synth(850, "Moved permanently"));
               } else {
      -            set req.http.X-Forwarded-Proto = "https";
                   set req.backend_hint = sentry;
      +
      +            set req.http.X-Forwarded-Proto = "https";
               }
           }
*******************************************
  Varnish::Vcl[/etc/varnish/includes/50_vhost_grafana.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -14,9 +14,10 @@
                   return(synth(850, "Moved permanently"));
               } else {
      +            set req.backend_hint = grafana;
      +
                   if (req.http.upgrade ~ "(?i)websocket") {
                       return (pipe);
                   }
                   set req.http.X-Forwarded-Proto = "https";
      -            set req.backend_hint = grafana;
               }
           }
*******************************************
  Varnish::Vcl[/etc/varnish/includes/50_vhost_hedgedoc.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -14,9 +14,10 @@
                   return(synth(850, "Moved permanently"));
               } else {
      +            set req.backend_hint = hedgedoc;
      +
                   if (req.http.upgrade ~ "(?i)websocket") {
                       return (pipe);
                   }
                   set req.http.X-Forwarded-Proto = "https";
      -            set req.backend_hint = hedgedoc;
               }
           }
*******************************************
  Varnish::Vcl[/etc/varnish/includes/50_vhost_sentry.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -14,6 +14,7 @@
                   return(synth(850, "Moved permanently"));
               } else {
      -            set req.http.X-Forwarded-Proto = "https";
                   set req.backend_hint = sentry;
      +
      +            set req.http.X-Forwarded-Proto = "https";
               }
           }
*******************************************
*** End octocatalog-diff on rp1.internal.admin.swh.network

Migrated from D7696 (view on Phabricator)

Merge request reports

Loading