In Beginning of 2011 we upgraded some varnish-cache servers from SLES10(SP3) to SLES11. Although ‚real‘ upgrading would have been possible, these machines were completely reinstalled because it was possible (all backends groups have a set of two redundant varnish servers).
While the reinstallation of the machines was done without any problems we had some small problems with varnish thereafter. Shortly said we had two problems which needed to be fixed:
While SLES10 was configured – right – SLES11 had a default virtual memory configuration using the same size like real memory was. This means if a machine had 32 gb of RAM, it was configured to use virtual memory up to 32 gb only – which is not the best idea when it comes to using virtual memory with a program like varnish-cache.
Nevertheless a simple ulimit -v unlimited inside the varnish initrc script solved this problem.
I wrote a monitoring script collecting a bunch of info from the running varnish-cache and writing this to some log file. This perl script runs with normal user permissions and ran fine on SLES10. After the upgrade to SLES11 it could not open the shared memory file of varnish located in /var/lib/varnish/<instance>/_.vsl due to missing read permissions on this file and the instance subdirectory which was created at varnish startup.
Seems that the default umask was changed. Therefore a umask 022 inside the varnish initrc script solved the problem.