Getting robust VCL with falco

Transcript

1. 2022/03/29 Fastly User Meetup @ysugimoto Getting robust VCL with falco

2. ysugimoto ೔ຊܦࡁ৽ฉࣾ Software Engineer / SRE Yoshiaki Sugimoto

3. falco is a VCL parser and linter optimized for Fastly

4. falco is a VCL parser and linter optimized for Fastly

   Not

5. Fastly Linter Command = falco

6. How do we automate applying production VCLs?

7. Deployment Flows at Nikkei 1. Using Terraform Provider 2. Custom

   VCLs using Fastly API

8. Apply custom VCLs using Fastly API 1. Build VCLs using

   template engine 2. Clone new version 3. Delete existing custom VCLs 4. Upload new VCL fi les ← Validate VCL 5. Activate new version CI/CD

9. • ίϯιʔϧ͔Β֬ೝͰ͖Δ͕CI/CD PipelineͰ͸ஞҰ֬ೝ͍ͯ͠ΒΕͳ͍ • Activateʹࣦഊͨ͠৔߹ɺෆཁͳόʔδϣϯ͕࡞ΒΕͯ͠·͏ VCL Errors in Fastly Console

10. • ߦ൪߸͸Fastlyͷ಺෦ॲཧʢϚΫϩల։ͳͲʣΛऴ͑ͨ͋ͱͷߦ਺Ͱ͋Δͨ Ίɺ࣮ίʔυͱରԠ͍ͯ͠ͳ͍ • ϑΝΠϧ໊΋ग़ͳ͍ͨΊɺෳ਺ϞδϡʔϧϑΝΠϧ͕͋Δ৔߹ಛఆ͕ࠔ೉ Ambiguous Error Reporting … sub

    vcl_recv { #FASTLY RECV set req.backend = origin_1 return (pass); } … Missing Semicolon!

11. VCL statistics in ೔ܦిࢠ൛ 44 submodule inclusion 8,844 Lines (※

    include comments) 88 subroutines 124 backends 25 Directors ※ 2022/03/29࣌఺

12. Improve CI/CD pipeline 1. Build VCLs using template engine 2.

    Lint built VCLs with falco ← Validate VCL 3. Clone new version 4. Delete existing custom VCLs 5. Upload new VCL fi les ← Ensured valid VCL 6. Activate new version CI/CD

13. VCL is a programming language?

14. Varnish Configuration Language

15. Configuration Design and Best Practices From a syntax perspective, the

    configuration language should offer the following: 1. Syntax highlighting in editors 2. Linter 3. Automatic syntax formatter https://sre.google/workbook/con fi guration-design/

16. From a syntax perspective, the configuration language should offer the

    following: 1. Syntax highlighting in editors 2. Linter 3. Automatic syntax formatter Configuration Design and Best Practices https://sre.google/workbook/con fi guration-design/

17. falco aims to cover the linter

18. Underlying falco features • Completely runs on local machine /

    CI • Basic syntax check • Strict type check • Suggest Fastly recommended ways • Assuming problems in VCL

19. • ߦ൪߸ɺϑΝΠϧ໊ͱڞʹ໰୊ͷ͋ΔՕॴΛදࣔ • VCLͷγϯλοΫεؒҧ͍Λࣄલʹݕग़ Basic syntax check … sub vcl_recv

    { #FASTLY RECV set req.backend = origin_1 return (pass); } … Missing Semicolon!

20. • ʢϦςϥϧʣ୅ೖܕͷҧ͍ΛΤϥʔͱͯ͠Ϩϙʔτ • ؔ࿈͢ΔFastlyͷυΩϡϝϯτ΁ͷϦϯΫΛఏࣔ Strict type check

21. • Fastlyͷਪ঑͢ΔઃఆΛఏҊ • ؔ࿈͢ΔFastlyͷυΩϡϝϯτ΁ͷϦϯΫΛఏࣔ Suggest Fastly recommended ways

22. • ໰୊ʹͳΓͦ͏ͳهड़ʹରͯ͠ܯࠂʢΤϥʔʹ͸͠ͳ͍ʣ Assuming problems in VCL

23. Linter Features

24. Linter Features • جຊతͳϧʔϧ + ӡ༻ܦݧ͔ΒಘͨϧʔϧηοτΛ࣮૷ • Varnish༝དྷʢʁʣͷUndocumentedͳSpecΛؚΊͰ͖Δ ݶΓαϙʔτ

25. Linter Rules • Root Statementsͷॏෳఆٛ • Backend/Directorͷඞਢఆٛݕࠪ • Boilerplate Macroͷهड़࿙Ε

    • ϩʔΧϧม਺ͷγϯλοΫεݕࠪ • ୅ೖ࣌ͷܕݕࠪ • Statementͷར༻Մೳείʔϓݕࠪ • ҙਤ͠ͳ͍Literalͷར༻ • ະ࢖༻ม਺ɾStatementͷݕग़ • ૊ΈࠐΈؔ਺ͷҾ਺ͷਖ਼౰ੑݕࠪ • ਖ਼نදݱΩϟϓνϟͷ্ॻ͖ܯࠂ • ਖ਼نදݱͷਖ਼౰ੑݕࠪ • Include͞ΕͨϞδϡʔϧͷ࠶ؼݕࠪ • IPܕ/CIDRͷਖ਼౰ੑݕࠪ • ૊ΈࠐΈม਺ͷset/unsetͷՄ൱ݕࠪ • Fastlyͷ੍ݶࣄ߲ݕࠪ • Subroutineͷείʔϓೝࣝ https://github.com/ysugimoto/falco/blob/main/docs/rules.md

26. Error Levels • ERROR • Activate࣌ʹΤϥʔʹͳΔͷͰमਖ਼͕ඞཁ • WARNING • ActivateՄೳ͕ͩ༧ظ͠ͳ͍ৼΔ෣͍͕ى͜ΔՄೳੑ͕͋Δ

    • INFO • ActivateՄೳɺFastlyਪ঑ͷهड़ͷఏҊͳͲ

27. Remote Snippets Support • Edge Dictionary • Access Control Lists

    Fastly্ʹొ࿥͍ͯ͠ΔεχϖοτΛؚΊͯLinting

28. From a syntax perspective, the configuration language should offer the

    following: 1. Syntax highlighting in editors 2. Linter 3. Automatic syntax formatter Configuration Design and Best Practices https://sre.google/workbook/con fi guration-design/

29. Roadmap • Implement Formatter • Implement statistics command

30. https://github.com/ysugimoto/falco PR Welcome 😉

31. Thanks!