Introduction
Varnish is an open-source HTTP accelerator and reverse proxy designed to increase website and API performance. This article explains how to install Varnish on a cloud server at Rcs and use it to cache frequently accessed content on an Apache web server.
Prerequisites
Before you begin, you need a fully-updated Ubuntu Linux 20.04 server and a sudo user account.
1. Install Apache
Update the local package index.
$ sudo apt update
Install Apache.
$ sudo apt install apache2
Configure the firewall to allow traffic.
$ sudo ufw allow http $ sudo ufw allow https
2. Configure Apache
Change the default port in Apache from 80 to 8080.
$ sudo sed -i -e 's/80/8080/g' /etc/apache2/ports.conf $ sudo sed -i -e 's/80/8080/g' /etc/apache2/sites-available/*
> If you add more sites later, you need to change their ports manually in their respective files in the
/etc/apache2/sites-available/
directory.Restart Apache.
$ sudo systemctl restart apache2
Verify Apache is listening on port 8080.
$ sudo netstat -pnlt | grep 8080 Output: tcp6 0 0 :::8080 :::* LISTEN 5987/apache2
3. Install Varnish
You must add the official Varnish Cache repository to install the LTS version of Varnish because the default Ubuntu repository has older, unsupported versions.
Add the necessary dependencies.
$ sudo apt install curl gnupg apt-transport-https
Install the GPG key for the package.
$ curl -L https://packagecloud.io/varnishcache/varnish60lts/gpgkey | sudo apt-key add -
Add the repository.
$ echo "deb https://packagecloud.io/varnishcache/varnish60lts/ubuntu/ focal main" | sudo tee -a /etc/apt/sources.list.d/varnish60lts.list
Specify a higher priority for this repository than the default package available in Ubuntu.
$ sudo nano /etc/apt/preferences.d/varnish
Add the following content to the file.
Package: varnish Pin: origin packagecloud.io Pin-Priority: 900
Update the local package index.
$ sudo apt update
Install Varnish.
$ sudo apt install varnish
4. Configure Varnish
Check the default address and port configuration.
Open the default Varnish configuration file.
$ sudo nano /etc/varnish/default.vcl
Verify the
backend default
section points to localhost (127.0.0.1) at port 8080.backend default { .host = "127.0.0.1"; .port = "8080"; }
Save and close the file.
Configure Varnish to listen at port 80 instead of the default of 6081.
Create the directory for the custom configuration file.
$ sudo mkdir /etc/systemd/system/varnish.service.d
Create the file.
$ sudo nano /etc/systemd/system/varnish.service.d/customport.conf
Add the following content to the file.
[Service] ExecStart= ExecStart=/usr/sbin/varnishd -a :80 -a localhost:8443,PROXY -p feature=+http2 -f /etc/varnish/default.vcl -s malloc,256m
Reload systemd to register the change.
$ sudo systemctl daemon-reload
Restart Varnish.
$ sudo systemctl restart varnish
Ensure Varnish is listening on port 80.
$ sudo netstat -ltnp | grep ':80 ' Output: tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 6242/varnishd tcp6 0 0 :::80 :::* LISTEN 6242/varnishd
5. Test Varnish
Use curl to make an HTTP request and verify the X-Varnish: 32778 32776
and Via: 1.1 varnish (Varnish/6.0)
headers appear in the output.
$ curl -I http://localhost/
Output:
HTTP/1.1 200 OK
Date: Thu, 14 Oct 2021 13:29:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 14 Oct 2021 13:25:29 GMT
Vary: Accept-Encoding
Content-Type: text/html
X-Varnish: 32778 32776
Age: 20
Via: 1.1 varnish (Varnish/6.0)
ETag: W/"2aa6-5ce50032ad812-gzip"
Accept-Ranges: bytes
Content-Length: 10918
Connection: keep-alive
Advanced Varnish Settings
How to leverage browser caching for media files
Open the Varnish default.vcl
file.
$ sudo nano /etc/varnish/default.vcl
Find sub vcl_backend_response
and add the following.
sub vcl_backend_response {
if (bereq.url ~ "\.(png|gif|jpg|swf|css|js)$") {
unset beresp.http.set-cookie;
set beresp.http.cache-control = "max-age = 2592000";
}
}
This tells the user's browser to cache png, gif, jpg, swf, css, and js files for 30 days.
How to purge the cache
If you need to purge the Varnish cache manually, you can purge the entire cache with:
$ sudo varnishadm 'ban req.url ~ .'
Or, you can purge cache entries for a single domain, such as www.example.com with:
$ sudo varnishadm 'ban req.http.host ~ www.example.com'
Troubleshooting
If curl returns HTTP/1.1 503 Backend fetch failed
, check the default.vcl
file.
$ sudo nano /etc/varnish/default.vcl
Ensure the backend default section points to Apache at port 8080.
backend default {
.host = "127.0.0.1";
.port = "8080";
}
More Information
Varnish is a sophisticated caching proxy with many configuration options beyond the scope of a simple installation guide. Please see the official site and Varnish Users Guide for more information.