Varnish Web Cache on CentOS

Published Tuesday, Oct 29, 2019 by Tony Davis

Varnish is a web cache and http accelerator. It is used improve the performance of dynamic websites by caching pages and then serving the cached version rather than dynamically creating them every time they are requested.

Install Varnish

Install Varnish from the Varnish repositories.

Add Varnish Repository

The first thing you need to do is add and enable the Varnish repository. Follow the link to install the correct versionĀ https://www.varnish-cache.org/installation/redhat

Install the Varnish Application

[root@server ~]# yum install varnish

Configure Varnish to work with Apache

We now need to enable the configuration.

Enable Configuration

Open the varnish config file

[root@server ~]# vi /etc/sysconfig/varnish

Scroll down to the Alternative Configurations. The easiest way to configure Varnish is to enable configuration 2. Comment out with a # all the other alternative configurations. The configuration should look like the below snippet.

## Alternative 2, Configuration with VCL
#
# Listen on port 80, administration on localhost:6082, and forward to
# one content server selected by the vcl file, based on the request. Use a
# fixed-size cache file.
#
DAEMON_OPTS="-a :80 \
 -T localhost:6082 \
 -f /etc/varnish/default.vcl \
 -u varnish -g varnish \
 -S /etc/varnish/secret \
 -s file,/var/lib/varnish/varnish_storage.bin,1G"

Line 7 tells Varnish to listen on port 80 for web traffic. Line 8 tells Varnish to listen on localhost port 6082 for admin traffic. Line 9, tells Varnish to load the default.vcl. Line 10 is the user and group to varnish under. Line 11 is the Varnish secret key. Line 12 is what method for Varnish to store the cached information and to what size to allow it to grow.

Configure Default VCL

Open the default vcl file.

[root@server ~]# vi /etc/varnish/default.vcl

edit the “backend default” section to look like the below.

backend default {
    .host = "127.0.0.1";
    .port = "8080";
}

This tells Varnish to send all traffic to localhost (127.0.0.1) on port 8080. This is the port and ip that apache will be listening on.

Configure Apache to work with Varnish

Next we need to configure Apache to work with Varnish.

Configure Apache (Main)

Open the apache config file

[root@server ~]# vi /etc/httpd/conf/httpd.conf

Change the “Listen” line to the following

#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, in addition to the default. See also the
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
Listen 127.0.0.1:8080

This makes Apache listen on 127.0.0.1 on port

Configure Apache (Virtual Hosts)

If you run virtual hosts on apache you will also need to reconfigure them to listen on 127.0.0.1 on port 8080 too. Change the “NameVirtualHost” to look like this

NameVirtualHost 127.0.0.1:8080

You will also need to change each Virtual Host section to listen on 127.0.0.1 on port 80. Below is an example.

<VirtualHost 127.0.0.1:8080>
        ServerName example.com
        ServerAdmin webmaster@example.com

        DocumentRoot /var/www/example.com/htdocs
        ErrorLog /var/www/example.com/logs/www.example.com.error.log
        CustomLog /var/www/example.com/logs/www.example.com.access.log combined
</VirtualHost>

Forward User IPs to Logs

You may have seen that the web servers logs only display 127.0.0.1 as the source IP. This causes problems when you need to run stats on the log file, as you loose quite a bit of information from loosing the IPs. This is quite an easy fix.

Update default VCL

Open the default.vcl

[root@server ~]# vi /etc/varnish/default.vcl

You need to update the default vcl with the below code. This will forward the source IP.

backend default {
  .host = "127.0.0.1";
  .port = "8080";
}

sub vcl_recv {
  remove req.http.X-Forwarded-For;
  set req.http.X-Forwarded-For = client.ip;
}

Apache Custom Log

We need to create a custom log to deal with the information from Varnish.

Create the following file

[root@server ~]# vi /etc/httpd/conf.d/varnish-log.conf

with the following content

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" varnishcombined

Update Web Hosts

You will now need to update the web hosts to state that the log format will be “varnishcombined” below is an example.

<VirtualHost 127.0.0.1:8080>
        ServerName example.com
        ServerAdmin webmaster@example.com

        DocumentRoot /var/www/example.com/htdocs
        ErrorLog /var/www/example.com/logs/www.example.com.error.log
        #CustomLog /var/www/example.com/logs/www.example.com.access.log combined
        CustomLog /var/www/example.com/logs/www.example.com.access.log varnishcombined
</VirtualHost>

As you can see from the example above, the old “CustomLog” is now commented out and the new “CustomLog” with the varnishcombined entry is active.

Restart Services

Restart Apache

[root@server ~]# /sbin/service httpd restart

Restart Varnish

[root@server ~]# /sbin/service varnish restart

Set Auto Start

Auto Start Apache

[root@server ~]# /sbin/chkconfig httpd on

Auto Start Varnish

[root@server ~]# /sbin/chkconfig varnish on

Thats it you now have a working Apache Web Server fronted with a Varnish Web Cache.

comments powered by Disqus