A new Docker image was expected since Varnish Cache 7.5 just got released a few days ago. But this time, the new image is NOT JUST a simple version update.

Indeed, we've also added a handful of features that will make your life easier, whether you are a new user or a veteran! Let's have a look at that new stuff!

For the newcomers: a more welcoming default.vcl

As I'm sure you know, one of Varnish's greatest strengths is its unparalleled configurability. It can be a caching server, a WAF, a load balancer, a little bit of all that, and more. This poses a question though: by default, what should Varnish be configured to do?

Historically, that default configuration has been a bit… stern. See for yourself. You could very easily start the Docker image with:

docker run -it -p 8080:80 varnish:7.3

But upon opening your browser to test locally (on localhost:8080), you'd be greeted with:

This is fair. After all, you didn't configure a backend, Varnish used the default one, and chances are nobody was listening on that

Now we try to be a bit more helpful. Let's try again with the new version:

docker run -it -p 8080:80 varnish:7.3

This gives us:

Varnish works! It just needs some extra attention, and it points you in the right direction. Much nicer!

Implementation-wise, we simply tweaked the default VCL to send a different synthetic message if we detect that no backend is configured.

For the impatient: Backend definition through environment variables

VCL is great and infinitely customizable, but sometimes, you just want Varnish in front of your backend, no questions asked. Hit ratio doesn't have to be optimal, backend probing is optional. For now, you just want a quick setup to test Varnish (or deploy in production to save a dying backend; we've all been there; we don't judge).

If that's you, we have two new variables for you, as hinted at by the welcome message we saw above:

docker run -it -p 8080:80 -e VARNISH_BACKEND_HOST=93.184.216.34 -e VARNISH_BACKEND_PORT=80 foo

And this will do exactly what you expect: Varnish will use 93.184.216.34:80 as its backend.

As for the previous point, we just tweaked the default VCL to read the provided environment variables and use them to create a backend. Because it’s pure VCL, you can integrate the logic into your own configuration and expand on it as you see fit, notably implementing support for more variables.

For the bug chasers: a more verbose built-in VCL

We've talked at length about the built-in VCL concept (https://info.varnish-software.com/blog/two-minute-tech-tuesdays-built-in-vcl, here, and here for example), but something we've never really touched is: how do you debug it? The answer to this can be a bit tricky because you need to know the built-in code exists, know where to find it (varnishd -x builtin, or here, you're welcome ;-) ), and you need to be able to correlate the VCL with the logs, for example:

-  VCL_call    BACKEND_RESPONSE
-  TTL        VCL 0 10 0 1710779937 cacheable
-  TTL         VCL 120 10 0 1710779937 cacheable
-  TTL         VCL 120 10 0 1710779937 uncacheable
-  VCL_return deliver

is probably a consequence of:

sub vcl_beresp_stale {
    if (beresp.ttl <= 0s) {
        call vcl_beresp_hitmiss;
    }
}

>sub vcl_beresp_hitmiss {
    set beresp.ttl = 120s;
    set beresp.uncacheable = true;
    return (deliver);
}

But it usually requires some experience to make that link correctly and/or efficiently. So, to simplify things, the Docker image once again cheats its way into helpfulness via VCL shenanigans!

In this case, we essentially bypass the built-in code with our own behavior-equivalent but more verbose version of it. With it, the previous message becomes way more helpful:

TTL        VCL 0 10 0 1710780285 cacheable
VCL_Log    built-in rule: marking object as Hit-for-Miss for two minutes (ttl <= 0s)
TTL        VCL 120 10 0 1710780285 cacheable
TTL        VCL 120 10 0 1710780285 uncacheable
VCL_return deliver

The line between your VCL and the built-in one is a lot clearer and decisions aren’t implicit anymore.

For all: Get the Varnish 7.5 Docker image now!

Why wait? You can get the varnish:7.5 image right now and take advantage of new features that simplify your Varnish experience:

docker run -p 80:80 varnish:7.5

Want to learn more? Check out our new blog, Varnish Cache 7.5 Is Now Available for the full list of new features and improvements included in the release.