March 15, 2023
6 min read time

Varnish Cache 7.3 released

Today is March 15th and that means it’s release day! Every year on March 15th and September 15th, a new version of Varnish Cache is released.

Varnish Cache is the open source version of Varnish and version 7.3 of the project becomes available today.

New features

Besides the bug fixes, Varnish Cache 7.3 has the following notable features:

  • Support for abstract Unix Domain Sockets
  • Do not perform ESI includes of failed objects, unless instructed otherwise
  • Varnish transaction IDs have been extended to 64 bits
  • Via backends

Let’s have a look at these features in some more detail:


Abstract Unix Domain Sockets

Varnish supports Unix Domain Sockets (UDS) for communication between services without having to rely on TCP/IP. This is great for services that run on the same machine. Typically this would be a TLS proxy in front of Varnish Cache.

 

Classic Unix Domain Sockets use a file path to facilitate and set up communication between processes on the same server. On recent Linux kernels there are also abstract sockets which do not use the file system, but a separate namespace, and Varnish Cache now supports these.

 

Abstract sockets are specified as listen/accept endpoints using the “@” notation followed by a unique name. 


This is how to accept incoming connections through classic UDS, using a file path:

varnishd \

 -a /var/run/varnish.sock,user=varnish,group=varnish,mode=660 \

 -f /etc/varnish/default.vcl

 

For this to work, you need a file that is accessible by both the client and the server.


In Varnish Cache 7.3, you can now use the abstract namespace for Unix Domain Sockets in the following way:

varnishd \

 -a @varnish \

 -f /etc/varnish/default.vcl

 

The same applies to backend connections over UDS. You can now use the “@” notation to connect to your backend. In the example below we use a hypothetical abstract socket named “@apache” that is used by an Apache web server:

backend default (

    .path = "@apache";

}

 

No ESI includes for failed objects

ESI is short for “Edge Side Includes” and represents a placeholder syntax that gets parsed “on the edge” by Varnish through subrequests. These ESI tags can be used to stitch together multiple objects into a single HTTP response and are often used to separate uncacheable content from the main (cacheable) content.


Here’s what an ESI tag looks like:

<esi:include src="/some-page" />

 

In Varnish Cache 7.3, ESI subrequests that return a status code other than 200 and 204 will result in a failure.

 

To circumvent this behavior you can either override the status code of a “failed” response in VCL or you can enable the param.set feature +esi_include_onerror feature flag and use an onerror="continue" attribute in your ESI tag as illustrated below:

<esi:include src="/some-page" onerror="continue" />

 

64 bit Varnish transaction IDs

 

As of Varnish Cache 7.3 the transaction IDs of Varnish transactions in the Varnish Shared Memory Logs have been extended to 64 bit numbers. The transaction IDs are now stored in a binary format and are a lot wider, which makes them incompatible with previous versions.

 

This means that older versions of the varnishlog, varnishtop and varnishncsa programs cannot be used to access Shared Memory Logs on Varnish Cache 7.3.

 

64 bit transaction IDs actually fit into an integer, which results in the VCL variables req.xid, bereq.xid and sess.xid now being integers instead of strings.

 

The reason for this expansion is to prevent transaction IDs from rolling over on a short-term basis. On a system with one million cache-missing single request sessions per second, Varnish transaction IDs will roll over in a little over ten years.

Via backends

Another exciting feature is the ability to route backend requests to a backend via another backend. This means you’re using one backend as a proxy to reach the destination backend.

 

Here’s what that looks like in VCL:

backend detour {

    .host = "...";

}

backend destination {

    .host = "...";

    .via = detour;

}


In this case, a connection is made to the “destination” backend, but it is routed through the “detour” backend. 

 

Keep in mind that a PROXY protocol v2 header that targets the destination is implicitly added. This ensures that the original connection information is maintained, regardless of the number of proxy servers it hops through. This also means that your “via” backend should support the PROXY protocol.

More changes

More changes, fixes and features that are part of Varnish Cache 7.3 can be found in the release notes on https://varnish-cache.org/docs/7.3/whats-new/changes-7.3.html.

 

The full documentation can be accessed on https://varnish-cache.org/docs/7.3/index.html 

 

Downloading Varnish Cache 7.3

Do you want to give Varnish Cache 7.3 a try? You can download the source code from https://varnish-cache.org/releases/index.html.

 

Packages are also available at https://packagecloud.io/varnishcache/varnish73.


Which versions of Varnish are now supported?

The Varnish Cache community only supports the 2 latest major versions. Now that Varnish Cache 7.3 is out, version 7.1 is end-of-life. Varnish 7.2 is still supported.


Additionally, Varnish Software still maintains a long-term supported version of Varnish Cache 6 called Varnish Cache 6.0 LTS. See https://www.varnish-software.com/developers/downloads/ for LTS download and install instructions.

 

The Varnish Book CTA