Varnish

This document describes how to configure your Google Kubernetes Engine deployment so that you can use Google Cloud Managed Service for Prometheus to collect metrics from Varnish. This document shows you how to do the following:

Set up the exporter for Varnish to report metrics.
Configure a PodMonitoring resource for Managed Service for Prometheus to collect the exported metrics.
Access a dashboard in Cloud Monitoring to view the metrics.
Configure alerting rules to monitor the metrics.

These instructions apply only if you are using managed collection with Managed Service for Prometheus. If you are using self-deployed collection, then see the source repository for the Varnish exporter for installation information.

These instructions are provided as an example and are expected to work in most Kubernetes environments. If you are having trouble installing an application or exporter due to restrictive security or organizational policies, we recommend you consult open-source documentation for support.

For information about Varnish, see Varnish.

Prerequisites

To collect metrics from Varnish by using Managed Service for Prometheus and managed collection, your deployment must meet the following requirements:

Your cluster must be running Google Kubernetes Engine version 1.21.4-gke.300 or later.
You must be running Managed Service for Prometheus with managed collection enabled. For more information, see Get started with managed collection.
To use dashboards available in Cloud Monitoring for the Varnish integration, you must use prometheus_varnish_exporter version "1.6.1" or later.
For more information about available dashboards, see View dashboards.

The Varnish exporter scrapes the output of the varnishstat command. It requires process namespace sharing and access to the Varnish container's /var/lib/varnish directory.

The Varnish exporter is not published as a container image; you must build your own. The following example demonstrates how to build an exporter container image that contains the exporter and the varnishstat command.

# Copyright 2024 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

FROM debian:stable-slim as stage
WORKDIR /exporter
ADD https://github.com/jonnenauha/prometheus_varnish_exporter/releases/download/1.6.1/prometheus_varnish_exporter-1.6.1.linux-amd64.tar.gz /exporter/exporter.tar.gz
RUN tar -xvf exporter.tar.gz
RUN chmod +x /exporter/prometheus_varnish_exporter-1.6.1.linux-amd64/prometheus_varnish_exporter
FROM varnish:7.2.0
COPY --from=stage /exporter/prometheus_varnish_exporter-1.6.1.linux-amd64/prometheus_varnish_exporter /prometheus_varnish_exporter
ENTRYPOINT [ "/prometheus_varnish_exporter" ]

Install the Varnish exporter

We recommend that you install the Varnish exporter, prometheus_varnish_exporter, as a sidecar to your Varnish workload. For information about using sidecars, see Extended applications on Kubernetes with multi-container pods.

To install prometheus_varnish_exporter as a sidecar to Varnish, modify your Varnish configuration as shown in the following example:

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: varnish
spec:
  selector:
    matchLabels:
+     app.kubernetes.io/name: varnish
  template:
    metadata:
      name: varnish
      labels:
+       app.kubernetes.io/name: varnish
    spec:
      containers:
      - name: varnish
        image: varnish:7.2.0
+       volumeMounts:
+         - name: shared-data
+           mountPath: /var/lib/varnish
+       env:
+       - name: VARNISH_HTTP_PORT
+         value: "8080"
+     - name: exporter
+       image: <custom-docker-image>
+       volumeMounts:
+         - name: shared-data
+           mountPath: /var/lib/varnish
+           readOnly: true
+       ports:
+       - containerPort: 9131
+         name: prometheus
+     volumes:
+       - name: shared-data
+         emptyDir: {}
+     shareProcessNamespace: true

You must add any lines preceded by the + symbol to your configuration.

To apply configuration changes from a local file, run the following command:

kubectl apply -n NAMESPACE_NAME -f FILE_NAME

You can also use Terraform to manage your configurations.

Define a PodMonitoring resource

For target discovery, the Managed Service for Prometheus Operator requires a PodMonitoring resource that corresponds to the Varnish exporter in the same namespace.

You can use the following PodMonitoring configuration:

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: monitoring.googleapis.com/v1
kind: PodMonitoring
metadata:
  name: varnish
  labels:
    app.kubernetes.io/name: varnish
    app.kubernetes.io/part-of: google-cloud-managed-prometheus
spec:
  endpoints:
  - port: prometheus
    scheme: http
    interval: 30s
    path: /metrics
  selector:
    matchLabels:
      app.kubernetes.io/name: varnish

Ensure that the label selectors and the port match the selectors and port used in Install the Varnish exporter.

To apply configuration changes from a local file, run the following command:

kubectl apply -n NAMESPACE_NAME -f FILE_NAME

You can also use Terraform to manage your configurations.

Define rules and alerts

You can use the following Rules configuration to define alerts on your Varnish metrics:

# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: monitoring.googleapis.com/v1
kind: Rules
metadata:
  name: varnish-rules
  labels:
    app.kubernetes.io/component: rules
    app.kubernetes.io/name: varnish-rules
    app.kubernetes.io/part-of: google-cloud-managed-prometheus
spec:
  groups:
  - name: varnish
    interval: 30s
    rules:
    - alert: VarnishBackendConnectionFailure
      annotations:
        description: |-
          Varnish backend connection failure
            VALUE = {{ $value }}
            LABELS: {{ $labels }}
        summary: Varnish backend connection failure (instance {{ $labels.instance }})
      expr: varnish_backend_fail > 0
      for: 5m
      labels:
        severity: critical
    - alert: VarnishHighCacheEvictions
      annotations:
        description: |-
          Varnish high cache evictions
            VALUE = {{ $value }}
            LABELS: {{ $labels }}
        summary: Varnish high cache evictions (instance {{ $labels.instance }})
      expr: rate(varnish_main_n_obj_purged[5m]) >= 10
      for: 5m
      labels:
        severity: warning
    - alert: VarnishHighServerLimit
      annotations:
        description: |-
          Varnish high server limit
            VALUE = {{ $value }}
            LABELS: {{ $labels }}
        summary: Varnish high server limit (instance {{ $labels.instance }})
      expr: varnish_main_threads_failed > 0
      for: 5m
      labels:
        severity: critical
    - alert: VarnishSessionsDropped
      annotations:
        description: |-
          Varnish sessions dropped
            VALUE = {{ $value }}
            LABELS: {{ $labels }}
        summary: Varnish sessions dropped (instance {{ $labels.instance }})
      expr: varnish_main_sessions{type="dropped"} > 0
      for: 5m
      labels:
        severity: critical

To apply configuration changes from a local file, run the following command:

kubectl apply -n NAMESPACE_NAME -f FILE_NAME

You can also use Terraform to manage your configurations.

For more information about applying rules to your cluster, see Managed rule evaluation and alerting.

You can adjust the alert thresholds to suit your application.

Verify the configuration

You can use Metrics Explorer to verify that you correctly configured the Varnish exporter. It might take one or two minutes for Cloud Monitoring to ingest your metrics.

To verify the metrics are ingested, do the following:

In the navigation panel of the Google Cloud console, select Monitoring, and then select Metrics explorer:
Go to Metrics explorer
In the toolbar of the query-builder pane, select the button whose name is either MQL or PromQL.
Verify that PromQL is selected in the Language toggle. The language toggle is in the same toolbar that lets you format your query.

Enter and run the following query:

up{job="varnish", cluster="CLUSTER_NAME", namespace="NAMESPACE_NAME"}

View dashboards

The Cloud Monitoring integration includes the Varnish Prometheus Overview dashboard. Dashboards are automatically installed when you configure the integration. You can also view static previews of dashboards without installing the integration.

To view an installed dashboard, do the following:

In the navigation panel of the Google Cloud console, select Monitoring, and then select Dashboards:
Go to Dashboards
Select the Dashboard List tab.
Choose the Integrations category.
Click the name of the dashboard, for example, Varnish Prometheus Overview.

To view a static preview of the dashboard, do the following:

In the navigation panel of the Google Cloud console, select Monitoring, and then select Integrations:
Go to Integrations
Click the Kubernetes Engine deployment-platform filter.
Locate the Varnish integration and click View Details.
Select the Dashboards tab.

Troubleshooting

For information about troubleshooting metric ingestion problems, see Problems with collection from exporters in Troubleshooting ingestion-side problems.