Varnish for backend hosted inside kubernetes

Question

I am trying to run varnish cache locally. Proxying the domain which is managed by kubernetes with nginx-ingress-controller.

As a result I have ELB and ingress controller routes requests to 3 different kubernetes nodes and I getting the following error:

➜ docker logs a5d30511ffc756f2b5cf4b243ff66d1d9e9d7d47f560f3ca03d07b42efcc763a
Could not delete 'vcl_boot.1601710985.783551/vgc.sym': No such file or directory
Error:
Message from VCC-compiler:
Backend host "sub.domain.com:443": resolves to too many addresses.
Only one IPv4 and one IPv6 are allowed.
Please specify which exact address you want to use, we found all of these:
    31.208.6.184:443
    31.208.221.23:443
    35.161.52.197:443
('/etc/varnish/default.vcl' Line 4 Pos 11)
  .host = "sub.domain.com:443";
----------###########################-


In backend specification starting at:
('/etc/varnish/default.vcl' Line 3 Pos 1)
backend default {
#######----------

Running VCC-compiler failed, exited with 2
VCL compilation failed

so my config is:

vcl 4.0;

backend default {
  .host = "sub.domain.com:443";
}

What can be done?

Answer 1

First of all, you shouldn't include the port number in the .host attribute. There is a separate .port attribute for that.

The syntax is as follows:

backend default {
    .host = "xxx";
    .port = "xxx";
}

If you don't specify a port attribute, Varnish will use port 80 as the default value.

In theory, you could add .port = "443"; to your backend definition, but using port 443 implies a TLS connection.

Varnish Cache, the open source version of Varnish, doesn't support backend connections using TLS. However, Varnish Enterprise, the commercial version of Varnish does.

See https://docs.varnish-software.com/varnish-cache-plus/features/backend-ssl/ for more information about backend TLS in Varnish Enterprise. See http://varnish-cache.org/docs/trunk/reference/vcl.html#backend-definition

Your specific error

Your specific errors occurs because the hostname you're using, resolves to multiple IP addresses.

Please either use another hostname, that only refers to a single IP, or use the IP address of the node you're trying to use.

Another option is to switch to Varnish Enterprise and use the dynamic backend module.