Knowledgebase

Install Varnish Cache for Apache on CentOS 7 Print

  • 0

This guide explains how to install Varnish Cache 6.0 with Apache on CentOS 7. Varnish Cache is an open-source caching HTTP reverse proxy that can help improve a web server's performance. This tutorial uses CentOS 7 without SELinux. If you need to disable SELinux, see our article "How to Disable SELinux on CentOS".

Prerequisites

1. Configure Firewall

If you use FirewallD, modify the firewall rules to allow inbound traffic on port 80. If you are unsure of your firewall configuration, see our articles about FirewallD and troubleshooting server connections. These commands assume you have a freshly-deployed Rcs CentOS 7 instance:

$ sudo firewall-cmd --zone=public --permanent --add-service=http

$ sudo firewall-cmd --reload

2. Install Apache

Install Apache HTTP server.

$ sudo yum install -y httpd

Set Apache port to 8080. Edit httpd.conf with nano.

$ sudo nano /etc/httpd/conf/httpd.conf

Change the line "Listen 80" to "Listen 8080", then save and close the file. The line should like like this when finished.

    Listen 8080

Start the Apache service.

$ sudo systemctl start httpd.service

$ sudo systemctl enable httpd.service

3. Test Apache configuration

Create a test file.

$ sudo touch /var/www/html/test.html

Use curl to test the server at port 8080. This verifies Apache is configured correctly.

$ curl -I http://localhost:8080/test.html



HTTP/1.1 200 OK

Date: Fri, 10 Jul 2020 13:10:04 GMT

Server: Apache/2.4.6 (CentOS)

Last-Modified: Fri, 10 Jul 2020 13:09:56 GMT

ETag: "0-5aa160eb192a8"

Accept-Ranges: bytes

Content-Type: text/html; charset=UTF-8

4. Install Varnish

Add the EPEL repository.

$ sudo yum install -y epel-release

Install the dependency packages.

$ sudo yum install -y pygpgme yum-utils

Add the Varnish Cache repository. Edit /etc/yum.repos.d/varnish60lts.repo

$ sudo nano /etc/yum.repos.d/varnish60lts.repo

Paste the following, then save and close the file.

[varnish60lts]

name=varnishcache_varnish60lts

baseurl=https://packagecloud.io/varnishcache/varnish60lts/el/7/x86_64

repo_gpgcheck=1

gpgcheck=0

enabled=1

gpgkey=https://packagecloud.io/varnishcache/varnish60lts/gpgkey

sslverify=1

sslcacert=/etc/pki/tls/certs/ca-bundle.crt

metadata_expire=300

Update the yum cache for the Varnish repo.

$ sudo yum -q makecache -y --disablerepo='*' --enablerepo='varnish60lts'

Install Varnish.

$ sudo yum install -y varnish

Verify Varnish is installed and the correct version.

$ sudo varnishd -V

varnishd (varnish-6.0.6 revision 29a1a8243dbef3d973aec28dc90403188c1dc8e7)

Copyright (c) 2006 Verdens Gang AS

Copyright (c) 2006-2019 Varnish Software AS

Enable Varnish at system boot.

$ sudo systemctl enable --now varnish

Configure Varnish to listen at port 80, from the default of 6081. Edit varnish.service with nano.

$ sudo nano /usr/lib/systemd/system/varnish.service

Change the line beginning with ExecStart from port 6081 to port 80, then save and close the file. The line should like like this when finished.

ExecStart=/usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m

Restart the Varnish service.

$ sudo systemctl daemon-reload

$ sudo systemctl restart varnish

5. Test the Installation

Use curl to test from the server console.

$ curl -I http://localhost/test.html

The output should resemble this. The X-Varnish: 2 and Via: 1.1 varnish (Varnish/6.0) headers appear when Varnish Cache is running.

HTTP/1.1 200 OK

Date: Thu, 09 Jul 2020 18:46:00 GMT

Server: Apache/2.4.6 (CentOS)

Last-Modified: Thu, 09 Jul 2020 18:45:53 GMT

ETag: "0-5aa06a2507662"

Content-Length: 0

Content-Type: text/html; charset=UTF-8

X-Varnish: 2

Age: 0

Via: 1.1 varnish (Varnish/6.0)

Accept-Ranges: bytes

Connection: keep-alive

Test from your local workstation, substitute your instance's IP address. Verify the Varnish headers appear.

Linux:

$ curl -I http://192.0.2.123/test.html

Windows PowerShell:

PS> curl -Uri http://192.0.2.123/test.html

Troubleshooting

Check ports

Use the ss utility to verify which processes are listening on which ports.

# ss -lnpt | grep 80

LISTEN     0      128          *:80                       *:*                   users:(("cache-main",pid=2253,fd=3),("varnishd",pid=2243,fd=3))

LISTEN     0      128       [::]:80                    [::]:*                   users:(("cache-main",pid=2253,fd=5),("varnishd",pid=2243,fd=5))

LISTEN     0      128       [::]:8080                  [::]:*                   users:(("httpd",pid=1373,fd=4),("httpd",pid=1372,fd=4),("httpd",pid=1371,fd=4),("httpd",pid=1370,fd=4),("httpd",pid=1369,fd=4),("httpd",pid=1368,fd=4))

Make sure varnishd is listening on port 80 and httpd is on port 8080 as shown.

Test with curl

$ curl -I http://localhost/test.html



HTTP/1.1 503 Backend fetch failed

Date: Fri, 10 Jul 2020 14:01:13 GMT

Server: Varnish

Content-Type: text/html; charset=utf-8

Retry-After: 5

X-Varnish: 2

Age: 0

Via: 1.1 varnish (Varnish/6.0)

Content-Length: 278

Connection: keep-alive

If curl returns "HTTP/1.1 503 Backend fetch failed" as shown above, check the /etc/varnish/default.vcl file.

$ nano /etc/varnish/default.vcl

Make sure the backend default section points to Apache at port 8080.

backend default {

    .host = "127.0.0.1";

    .port = "8080";

}

Firewall

Verify your firewall settings. See Step 1 for more information about firewall configuration.


Was this answer helpful?
Back

Powered by WHMCompleteSolution