PRIV_REQ/SESS in vcl_backend_*

Dag Haavi Finstad daghf at varnish-software.com
Tue Nov 25 14:49:49 CET 2014 

Hi again

Here's a new set of patches, following the discussion at VDD14Q4
(https://www.varnish-cache.org/trac/wiki/VDD14Q4#Notestakenduringthemeeting)

To summarize the changes,
 - PRIV_SESS is dropped.
 - PRIV_REQ is reintroduced as PRIV_TASK, which is also available as a
separate priv pointer in vcl_backend_*.

regards,
Dag

On Thu, Nov 20, 2014 at 9:07 AM, Dag Haavi Finstad
<daghf at varnish-software.com> wrote:
> Hi
>
> Here's a suggestion (and a set of patches) for what PRIV_REQ/SESS
> could look like in vcl_backend_*, mostly based around IRC discussion.
>
> The idea is to make PRIV_REQ available also in vcl_backend_*, and then
> give a separate priv object from the one used on the client side.
> Realizing this could lead to confusion, it was suggested to rename it
> PRIV_XID. The priv object will however survive a VCL restart/retry, so
> the name is not completely honest in that it is not restricted to a
> single XID. I think this is the behavior that makes the most sense,
> but I'm not super excited about the name.
>
> A second point is regarding PRIV_SESS. A concern with PRIV_SESS is
> that the remote Varnish is talking to very often tends to be not the
> client itself, but rather a load balancer dispatching requests from a
> bunch of clients over the same persistent connections. So if you were
> to introduce a priv_sess vmod that handles some sort of client state
> in such a scenario, you will very quickly shoot yourself in the foot
> and leak state across clients unless you know what you are doing. I
> think the problems solved by PRIV_SESS are typically solved much safer
> via PRIV_REQ.
>
> A point brought up by Tollef on IRC is that PRIV_SESS lets you share
> state between a request and its ESI subrequests, something that has
> legitimate use cases. Patch #5 (attached) drops PRIV_SESS and
> introduces PRIV_ESI, which restricts the scope to a request and its
> client-side subrequests.
>
> Feedback/comments/complaints very welcome. :-)
>
> regards,
> Dag
>
> --
> Dag Haavi Finstad
> Software Developer | Varnish Software
> Mobile: +47 476 64 134
> We Make Websites Fly!



-- 
Dag Haavi Finstad
Software Developer | Varnish Software
Mobile: +47 476 64 134
We Make Websites Fly!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Drop-PRIV_SESS-as-agreed-on-VDD14Q4.patch
Type: text/x-patch
Size: 5425 bytes
Desc: not available
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-dev/attachments/20141125/5c186371/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Make-the-VRTPRIV_-interface-slightly-more-generic-to.patch
Type: text/x-patch
Size: 6037 bytes
Desc: not available
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-dev/attachments/20141125/5c186371/attachment-0004.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0003-Reintroduce-PRIV_REQ-as-PRIV_TASK.-PRIV_TASK-is-avai.patch
Type: text/x-patch
Size: 11984 bytes
Desc: not available
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-dev/attachments/20141125/5c186371/attachment-0005.bin>

More information about the varnish-dev mailing list