2022/03/29 Fastly User Meetup @ysugimoto Getting robust VCL with falco

ysugimoto ೔ຊܦࡁ৽ฉࣾ Software Engineer / SRE Yoshiaki Sugimoto

falco is a VCL parser and linter optimized for Fastly

falco is a VCL parser and linter optimized for Fastly Not

Fastly Linter Command = falco

How do we automate applying production VCLs?

Deployment Flows at Nikkei 1. Using Terraform Provider 2. Custom VCLs using Fastly API

Apply custom VCLs using Fastly API 1. Build VCLs using template engine 2. Clone new version 3. Delete existing custom VCLs 4. Upload new VCL fi les ← Validate VCL 5. Activate new version CI/CD

• ίϯιʔϧ͔Β֬ೝͰ͖Δ͕CI/CD PipelineͰ͸ஞҰ֬ೝ͍ͯ͠ΒΕͳ͍ • Activateʹࣦഊͨ͠৔߹ɺෆཁͳόʔδϣϯ͕࡞ΒΕͯ͠·͏ VCL Errors in Fastly Console

• ߦ൪߸͸Fastlyͷ಺෦ॲཧʢϚΫϩల։ͳͲʣΛऴ͑ͨ͋ͱͷߦ਺Ͱ͋Δͨ Ίɺ࣮ίʔυͱରԠ͍ͯ͠ͳ͍ • ϑΝΠϧ໊΋ग़ͳ͍ͨΊɺෳ਺ϞδϡʔϧϑΝΠϧ͕͋Δ৔߹ಛఆ͕ࠔ೉ Ambiguous Error Reporting … sub vcl_recv { #FASTLY RECV set req.backend = origin_1 return (pass); } … Missing Semicolon!

VCL statistics in ೔ܦిࢠ൛ 44 submodule inclusion 8,844 Lines (※ include comments) 88 subroutines 124 backends 25 Directors ※ 2022/03/29࣌఺

Improve CI/CD pipeline 1. Build VCLs using template engine 2. Lint built VCLs with falco ← Validate VCL 3. Clone new version 4. Delete existing custom VCLs 5. Upload new VCL fi les ← Ensured valid VCL 6. Activate new version CI/CD

VCL is a programming language?

Varnish Configuration Language

Configuration Design and Best Practices From a syntax perspective, the configuration language should offer the following: 1. Syntax highlighting in editors 2. Linter 3. Automatic syntax formatter https://sre.google/workbook/con fi guration-design/

From a syntax perspective, the configuration language should offer the following: 1. Syntax highlighting in editors 2. Linter 3. Automatic syntax formatter Configuration Design and Best Practices https://sre.google/workbook/con fi guration-design/

falco aims to cover the linter

Underlying falco features • Completely runs on local machine / CI • Basic syntax check • Strict type check • Suggest Fastly recommended ways • Assuming problems in VCL

• ߦ൪߸ɺϑΝΠϧ໊ͱڞʹ໰୊ͷ͋ΔՕॴΛදࣔ • VCLͷγϯλοΫεؒҧ͍Λࣄલʹݕग़ Basic syntax check … sub vcl_recv { #FASTLY RECV set req.backend = origin_1 return (pass); } … Missing Semicolon!

• ʢϦςϥϧʣ୅ೖܕͷҧ͍ΛΤϥʔͱͯ͠Ϩϙʔτ • ؔ࿈͢ΔFastlyͷυΩϡϝϯτ΁ͷϦϯΫΛఏࣔ Strict type check

• Fastlyͷਪ঑͢ΔઃఆΛఏҊ • ؔ࿈͢ΔFastlyͷυΩϡϝϯτ΁ͷϦϯΫΛఏࣔ Suggest Fastly recommended ways

• ໰୊ʹͳΓͦ͏ͳهड़ʹରͯ͠ܯࠂʢΤϥʔʹ͸͠ͳ͍ʣ Assuming problems in VCL

Linter Features

Linter Features • جຊతͳϧʔϧ + ӡ༻ܦݧ͔ΒಘͨϧʔϧηοτΛ࣮૷ • Varnish༝དྷʢʁʣͷUndocumentedͳSpecΛؚΊͰ͖Δ ݶΓαϙʔτ

Linter Rules • Root Statementsͷॏෳఆٛ • Backend/Directorͷඞਢఆٛݕࠪ • Boilerplate Macroͷهड़࿙Ε • ϩʔΧϧม਺ͷγϯλοΫεݕࠪ • ୅ೖ࣌ͷܕݕࠪ • Statementͷར༻Մೳείʔϓݕࠪ • ҙਤ͠ͳ͍Literalͷར༻ • ະ࢖༻ม਺ɾStatementͷݕग़ • ૊ΈࠐΈؔ਺ͷҾ਺ͷਖ਼౰ੑݕࠪ • ਖ਼نදݱΩϟϓνϟͷ্ॻ͖ܯࠂ • ਖ਼نදݱͷਖ਼౰ੑݕࠪ • Include͞ΕͨϞδϡʔϧͷ࠶ؼݕࠪ • IPܕ/CIDRͷਖ਼౰ੑݕࠪ • ૊ΈࠐΈม਺ͷset/unsetͷՄ൱ݕࠪ • Fastlyͷ੍ݶࣄ߲ݕࠪ • Subroutineͷείʔϓೝࣝ https://github.com/ysugimoto/falco/blob/main/docs/rules.md

Error Levels • ERROR • Activate࣌ʹΤϥʔʹͳΔͷͰमਖ਼͕ඞཁ • WARNING • ActivateՄೳ͕ͩ༧ظ͠ͳ͍ৼΔ෣͍͕ى͜ΔՄೳੑ͕͋Δ • INFO • ActivateՄೳɺFastlyਪ঑ͷهड़ͷఏҊͳͲ

Remote Snippets Support • Edge Dictionary • Access Control Lists Fastly্ʹొ࿥͍ͯ͠ΔεχϖοτΛؚΊͯLinting

From a syntax perspective, the configuration language should offer the following: 1. Syntax highlighting in editors 2. Linter 3. Automatic syntax formatter Configuration Design and Best Practices https://sre.google/workbook/con fi guration-design/

Roadmap • Implement Formatter • Implement statistics command

https://github.com/ysugimoto/falco PR Welcome 😉

Thanks!