Install Varnish Cache 6 for Apache/Nginx on CentOS 7

Cpanel/Whm License $3/mo Plesk License $10/mo Cloudlinux License $5/mo

(: May 28, 2019)

Varnish Cache is a web application accelerator, often known as a caching HTTP reverse proxy. Vanish is usually installed in front of a web server such as Apache or Nginx and is configured to cache the contents of these servers. Varnish Cache is really, really fast. It typically speeds up delivery with a factor of 300 – 1000x, depending on your architecture.

This guide will walk you through the installation of Varnish Cache 6 on CentOS 7 server. This can be a Virtual Machine, LXC container or dedicated server. The steps to follow when installing Varnish Cache 6 on CentOS 7 are straightforward.

Step 1: Add EPEL repository

Some of the dependencies to be installed require EPEL repository setup. Just run the following command to add EPEL to your CentOS 7 system.

.td_uid_2_5d9093d79eeae_rand.td-a-rec-img{text-align:left}.td_uid_2_5d9093d79eeae_rand.td-a-rec-img img{margin:0 auto 0 0}
sudo yum install -y epel-release

The “-y” means no prompt is given before a package is downloaded and installed.

Step 2: Install Dependency packages

We need to install pygpgme & yum-utils if the repository is added via repo management tool.

sudo yum -y install pygpgme yum-utils

Step 3: Add Varnish Cache repository

In this step, we’re adding Varnish Cache repository for CentOS 7. Copy the commands below and paste them on the terminal. Use a user account with sudo access.

sudo tee /etc/yum.repos.d/varnish60lts.repo<<EOF
[varnish60lts]
name=varnishcache_varnish60lts
baseurl=https://packagecloud.io/varnishcache/varnish60lts/el/7/x86_64
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/varnishcache/varnish60lts/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
EOF

Step 4: Install Varnish 6 on CentOS 7

On a CentOS 7 system, updating Yum cache is optional. Let’s just update our local yum cache before installing the application. Here we’re limiting update to the added repository only.

$ sudo yum -q makecache -y --disablerepo='*' --enablerepo='varnish60lts'

Importing GPG key 0xA750EDCD:
 Userid     : "https://packagecloud.io/varnishcache/varnish60lts (https://packagecloud.io/docs#gpg_signing) [email protected]"
 Fingerprint: 48d8 1a24 cb04 56f5 d594 31d9 4cfc fd6b a750 edcd
 From       : https://packagecloud.io/varnishcache/varnish60lts/gpgkey

Then install Varnish 6 on CentOS 7.

$ sudo yum install varnish
Loaded plugins: fastestmirror, priorities
Loading mirror speeds from cached hostfile
 * base: mirror.23media.com
 * epel: mirror.23media.com
 * extras: mirror.alpha-labs.net
 * remi-php73: mirror.23media.com
 * remi-safe: mirror.23media.com
 * updates: mirror.alpha-labs.net
Resolving Dependencies
--> Running transaction check
---> Package varnish.x86_64 0:6.0.3-1.el7 will be obsoleting
---> Package varnish-libs.x86_64 0:4.1.11-1.el7 will be obsoleted
--> Finished Dependency Resolution

Dependencies Resolved

===================================================================================================================================================
 Package                          Arch                            Version                              Repository                             Size
===================================================================================================================================================
Installing:
 varnish                          x86_64                          6.0.3-1.el7                          varnish60lts                          1.8 M
     replacing  varnish-libs.x86_64 4.1.11-1.el7

Transaction Summary
===================================================================================================================================================
Install  1 Package

Total download size: 1.8 M
Is this ok [y/d/N]: y
Downloading packages:
varnish-6.0.3-1.el7.x86_64.rpm                                                                                              | 1.8 MB  00:00:01     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : varnish-6.0.3-1.el7.x86_64                                                                                                      1/2 
  Erasing    : varnish-libs-4.1.11-1.el7.x86_64                                                                                                2/2 
  Verifying  : varnish-6.0.3-1.el7.x86_64                                                                                                      1/2 
  Verifying  : varnish-libs-4.1.11-1.el7.x86_64                                                                                                2/2 

Installed:
  varnish.x86_64 0:6.0.3-1.el7                                                                                                                     

Replaced:
  varnish-libs.x86_64 0:4.1.11-1.el7                                                                                                               

Complete!

More information on installed package can be checked using:

$ rpm -qi varnish

Key notes about Varnish installation on CentOS 7.

  • The main Varnish configuration file is /etc/varnish/default.vcl
  • Varnish secret file: /etc/varnish/secret
  • Varnish Cache executable binary: /usr/sbin/varnishd
  • Varnish Systemd unit file: /lib/systemd/system/varnish.service and /etc/systemd/system/multi-user.target.wants/varnish.service

Step 5: Start and enable Varnish on CentOS 7

Start and enable Varnish process to start at system boot.

sudo systemctl enable --now varnish

Verify that Varnish is running using the following command:

$ systemctl status varnish
 ● varnish.service - Varnish Cache, a high-performance HTTP accelerator
    Loaded: loaded (/usr/lib/systemd/system/varnish.service; enabled; vendor preset: disabled)
    Active: active (running) since Mon 2019-05-27 20:34:51 EAT; 7s ago
   Process: 7380 ExecStart=/usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m (code=exited, status=0/SUCCESS)
  Main PID: 7381 (varnishd)
    CGroup: /system.slice/varnish.service
            ├─7381 /usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m
            └─7391 /usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m
 May 27 20:34:50 c4geeks-app-server systemd[1]: Starting Varnish Cache, a high-performance HTTP accelerator…
 May 27 20:34:51 c4geeks-app-server varnishd[7380]: Debug: Version: varnish-6.0.3 revision 7d1ded3aa033a018317dbafc61587026ea2ef8a3
 May 27 20:34:51 c4geeks-app-server varnishd[7381]: Version: varnish-6.0.3 revision 7d1ded3aa033a018317dbafc61587026ea2ef8a3
 May 27 20:34:51 c4geeks-app-server varnishd[7380]: Debug: Platform: Linux,3.10.0-957.1.3.el7.x86_64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
 May 27 20:34:51 c4geeks-app-server varnishd[7381]: Platform: Linux,3.10.0-957.1.3.el7.x86_64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
 May 27 20:34:51 c4geeks-app-server varnishd[7381]: Child (7391) Started
 May 27 20:34:51 c4geeks-app-server varnishd[7380]: Debug: Child (7391) Started
 May 27 20:34:51 c4geeks-app-server varnishd[7381]: Child (7391) said Child starts
 May 27 20:34:51 c4geeks-app-server systemd[1]: Started Varnish Cache, a high-performance HTTP accelerator.

From the output, we can see the status is “running“, which means our Varnish installation is ready for use.

Step 6: Configure Varnish Cache for Nginx/Apache Web Server

We stated earlier that Varnish Cache is a caching HTTP reverse proxy which sits in front of a web server. The goal is to speed up web servers.

Install your favorite web server – This demo shows the installation of Nginx/Apache HTTPD server.

# Apache
$ sudo yum -y install httpd

# Nginx
$ sudo yum -y install nginx

1. Configure Nginx to Work With Varnish Cache

By default, Nginx listens on TCP port 80, you need to change Listen port to 8080. Varnish Cache will use port 80.

$ sudo vi /etc/nginx/nginx.conf
.....
server {
        listen       8080 default_server;
        ....
}

If using Virtual Hosting feature, edit the relevant configuration file, e.g.

$ sudo vi /etc/nginx/conf.d/mysite.conf

Then restart Nginx.

$ sudo systemctl restart nginx

Confirm your settings.

$ ss -tunelp | grep 8080
tcp    LISTEN     0      128       *:8080                  *:*                   users:(("nginx",pid=13073,fd=6),("nginx",pid=13072,fd=6),("nginx",pid=13071,fd=6)) ino:34626 sk:ffff8af4b7a9ec80 <->
tcp    LISTEN     0      128      :::8080                 :::*                   users:(("nginx",pid=13073,fd=7),("nginx",pid=13072,fd=7),("nginx",pid=13071,fd=7)) ino:34627 sk:ffff8af52e828840 v6only:1 <->

2. Configure Apache to Work With Varnish Cache

If you’re using Apache web server, set Listen port to 8080.

$ sudo vi /etc/httpd/conf/httpd.conf
...
Listen 8080

A single sed command can also be used.

sudo sed -i "s/Listen 80/Listen 8080/" /etc/httpd/conf/httpd.conf

Restart httpd service after the change.

sudo systemctl restart httpd

3. Configure Varnish Cache Server

Now edit Varnish Cache configuration file and set Listen port to 80.

sudo vi /etc/systemd/system/multi-user.target.wants/varnish.service

Edit the line starting with ExecStart, and change from:

ExecStart=/usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m

To:

ExecStart=/usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m

Then restart varnish systemd service.

sudo systemctl daemon-reload
sudo systemctl restart varnish

Confirm Varnish used port.

$ sudo systemctl status  varnish
 ● varnish.service - Varnish Cache, a high-performance HTTP accelerator
    Loaded: loaded (/usr/lib/systemd/system/varnish.service; enabled; vendor preset: disabled)
    Active: active (running) since Tue 2019-05-28 10:27:07 CEST; 13s ago
   Process: 13368 ExecStart=/usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m (code=exited, status=0/SUCCESS)
  Main PID: 13369 (varnishd)
    CGroup: /system.slice/varnish.service
            ├─13369 /usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m
            └─13379 /usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m

Ensure that Nginx/Apache is configured as a backend server for Varnish proxy.

$ sudo vi /etc/varnish/default.vcl
.....
# Default backend definition. Set this to point to your content server.
backend default {
    .host = "127.0.0.1";
    .port = "8080";
}
.......

Note port 8080 is configured on Apache/Nginx web server.

For Multiple backends, your configuration will look this:

backend default {
    .host = "127.0.0.1";
    .port = "8080";
}

backend java {
    .host = "127.0.0.1";
    .port = "8000";
}

But you’ll need to tell Varnish where to send the difference URL using vcl_recv. Lets say our Java application should handle URL beginning with /java/.

sub vcl_recv {
    if (req.url ~ "^/java/") {
        set req.backend_hint = java;
    } else {
        set req.backend_hint = default;
    }
}

See more on using Multiple backends.

Step 7: Test Varnish Cache on Nginx/Apache

Finally, we test if Varnish cache is enabled and working with Apache/Nginx service with the curl command below:

$ curl -I http://localhost
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 28 May 2019 08:51:32 GMT
Content-Type: text/html
Content-Length: 3700
Last-Modified: Fri, 10 May 2019 08:08:40 GMT
ETag: "5cd53188-e74"
X-Varnish: 65544
Age: 0
Via: 1.1 varnish (Varnish/6.0)
Accept-Ranges: bytes
Connection: keep-alive

This gives you the HTTP header information.

If you rerun the command, it will show that Varnish cached response (NOTE that Age header):

$ curl -I http://localhost
HTTP/1.1 200 OK
Server: nginx/1.12.2
Date: Tue, 28 May 2019 08:51:32 GMT
Content-Type: text/html
Content-Length: 3700
Last-Modified: Fri, 10 May 2019 08:08:40 GMT
ETag: "5cd53188-e74"
X-Varnish: 65547 65545
Age: 44
Via: 1.1 varnish (Varnish/6.0)
Accept-Ranges: bytes
Connection: keep-alive

It should work same for valid domain names with DNS A record set.

$ curl -I https://blog.sxi.io 
HTTP/2 200 
date: Tue, 28 May 2019 09:09:20 GMT
content-type: text/html
set-cookie: __cfduid=de1acba723fc04cdfb58c84af80ac1b401559034559; expires=Wed, 27-May-20 09:09:19 GMT; path=/; domain=.sxi.io; HttpOnly; Secure
last-modified: Fri, 10 May 2019 08:08:40 GMT
x-varnish: 65557 17
age: 22
via: 1.1 varnish (Varnish/6.0)
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ddf16ce9d86cb77-MBA

We have installed and configured Varnish Cache on CentOS 7 for Nginx and Apache web servers. Visit the Varnish Getting started and the The Varnish Users Guide pages to learn more about configuring and optimizing Varnish.

Also check:

How To Enable GZIP & Brotli Compression for Nginx on Linux

How to hide X-Powered-By / X-CF-Powered-By PHP headers in Nginx

How To optimize Linux system with Stacer

.td_uid_4_5d9093d79f0c3_rand.td-a-rec-img{text-align:left}.td_uid_4_5d9093d79f0c3_rand.td-a-rec-img img{margin:0 auto 0 0}

Related posts

Saxo CEO: Bitcoin’s Liquidity Problems Are Driving Banks Away

SXI ADMIN

73% of Finance Pros Think Blockchain Tech Can Thrive Without Bitcoin

SXI ADMIN

What happened at the US regulators’ bitcoin meeting?

SXI ADMIN

Industry Group Aims to Change Bitcoin Symbol to ‘Ƀ’

SXI ADMIN

Jon Matonis Resigns As Bitcoin Foundation Executive Director

SXI ADMIN

How to Install JFrog Artifactory on CentOS 7

SXI ADMIN

BitX Rebrands as Luno, Reveals Bitcoin Sandbox Project

SXI ADMIN

Coinbase Users Can Now Buy and Sell Litecoin

SXI ADMIN

Down Again: Bitcoin Is Closing on Key Long-Term Price Support

SXI ADMIN

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More