/VS-logo-2020-197x60.png?width=136&height=60&name=VS-logo-2020-197x60.png "Varnish Software"){kind=logo}
Varnish Enterprise version 6.0.11r2 contains a new Varnish Module (VMOD).
S3 VMOD provides functionality for using Varnish as a caching proxy in front of S3-compatible object storage. It includes a dynamic backend director for S3 bucket endpoints.
Why is this an important VMOD? We explain below.
S3 Endpoints Now Resolve to Multiple IP Addresses
If you are using S3 as an origin storage solution or backend behind Varnish Cache or Varnish Enterprise, recent changes may interrupt S3 workflows. The good news is that S3 VMOD solves this instantly, but let’s take a closer look at the reason and impact for the changes.
Historically, all S3 buckets and endpoints have been accessible using service hostnames that resolve to exactly one IPv4 and one IPv6 address. These IP addresses may change between different resolutions, but every resolution only returns a single IPv4 address and a single IPv6 address.
Now, Amazon has started rolling out a change to DNS resolution for S3 endpoints. Each endpoint will resolve to multiple IP addresses, in what is known as Multi Value Answer (MVA) routing. This change is incompatible with some Varnish deployments set up to use Amazon S3 as a backend, and requires action to get compatible functionality and configuration in place.
The update to improve S3 performance and change DNS resolution to MVA routing means that each hostname and endpoint will now resolve to between one and eight IP addresses, depending on factors such as region and traffic to/from the bucket.
Adding Support for MVA Routing in Varnish
If you are a Varnish Cache user, the S3 changes means VCLs will start failing to initialize. If you are starting up a new varnishd service, it will fail, but already running varnishd services will continue to run with their current VCL.
Resolution to multiple backends is already available in Varnish Enterprise via VMODs udo and activedns, but users can update Varnish to version 6.0.11r2 or later and get S3 VMOD. This is a convenient method for MVA routing and includes a dynamic backend director to support:
- DNS resolution of Amazon S3 endpoints, including those that resolve to multiple IP addresses
- Load balancing of HTTP requests over the different IP addresses to which the DNS names resolve
- Retrying failed backend requests to other IP addresses in the load balancer
- Ongoing refresh of DNS names during operation. VMOD S3 will automatically add new IP addresses to the director and remove expired ones
If you are an existing customer you can follow a tutorial to get set up. If you run into any issues simply get in touch and Varnish Support will be happy to help.
If you have any questions, please do get in touch.
