Sysadmins of the North

Technical blog, where topics include: computer, server, web, sysadmin, MySQL, database, virtualization, optimization and security

Install Varnish Cache on CentOS 6.7

In this article I’ll show you how to install Varnish Cache on CentOS, version 6.7 in this case. Varnish is a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Because Varnish Cache is really, really fast, web applications like WordPress, Drupal and Joomla can greatly benefit from Varnish Cache.

Varnish Cache

As said, Varnish is a web application accelerator from which WordPress (Joomla, Drupal) performance benefits. It typically speeds up delivery with a factor of 300 – 1000x, depending on your architecture. Varnish is a caching HTTP reverse proxy. It receives requests from clients and tries to answer them from the cache. If Varnish cannot answer the request from the cache it will forward the request to the backend, fetch the response, store it in the cache and deliver it to the client.

When Varnish has a cached response ready it is typically delivered in a matter of microseconds, two orders of magnitude faster than your typical backend server, so you want to make sure to have Varnish answer as many of the requests as possible directly from the cache.

Varnish decides whether it can store the content or not based on the response it gets back from the backend. The backend can instruct Varnish to cache the content with the HTTP response header Cache-Control. There are a few conditions where Varnish will not cache, the most common one being the use of cookies. Since cookies indicates a client-specific web object, Varnish will by default not cache it.

This behaviour as most of Varnish functionality can be changed using policies written in the Varnish Configuration Language (VCL).

Installing Varnish Cache on CentOS 6.7

As with installing Elasticsearch on CentOS, installing Varnish Cache is nothing more than running a few commands. All you need to keep in mind is: Varnish relies on jemalloc which is not available in a repository. Download and install jemalloc manually:

sudo wget https://dl.fedoraproject.org/pub/epel/6/x86_64/jemalloc-3.6.0-1.el6.x86_64.rpm
rpm -ivv --force jemalloc-3.6.0-1.el6.x86_64.rpm

Now it’s time to add the Varnish repository to yum, after which we can install Varnish on CentOS. Version numbers differ from the current Varnish version, as most of this came out my archives.

sudo yum update
sudo yum clean all
su -
# cat << EOF >> /etc/yum.repos.d/varnish.repo
[varnish]
name=Varnish for Enterprise Linux 6
baseurl=https://repo.varnish-cache.org/redhat/varnish-4.0/el6/
enabled=1
gpgkey=https://repo.varnish-cache.org/GPG-key.txt
gpgcheck=1
EOF

yum install -y varnish

And that’s it, Varnish is installed and almost ready to go!

sudo varnishd -V
varnishd (varnish-4.0.3 revision b8c4a34)
Copyright (c) 2006 Verdens Gang AS
Copyright (c) 2006-2014 Varnish Software AS

Note: see http://varnish-cache.org/releases/ and http://varnish-cache.org/releases/install_redhat.html#install-redhat for new repo URL’s and Varnish installation on Red Hat information. The above may be outdated and needs to be updated soon.

This may interest you:   Convert decimal to hex in Bash?

Configure Varnish to accelerate your website

The Varnish Cache daemon is configured in /etc/sysconfig/varnish. In my test set-up, there was no nginx running on the same server (back when I set up my global DNS load balancing and Varnish Cache CDN there was), so I chose to use an Alternative 3 configuration and to run Varnish on port 80.

The most important /etc/sysconfig/varnish settings are:

## Alternative 3, Advanced configuration
#
# See varnishd(1) for more information.
#
# # Main configuration file. You probably want to change it :)
VARNISH_VCL_CONF=/etc/varnish/default.vcl
#
# # Default address and port to bind to
# # Blank address means all IPv4 and IPv6 interfaces, otherwise specify
# # a host name, an IPv4 dotted quad, or an IPv6 address in brackets.
# VARNISH_LISTEN_ADDRESS=
VARNISH_LISTEN_PORT=80
#
# # Telnet admin interface listen address and port
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=6082
#
# # Shared secret file for admin interface
VARNISH_SECRET_FILE=/etc/varnish/secret
#
# # The minimum number of worker threads to start
VARNISH_MIN_THREADS=50
#
# # The Maximum number of worker threads to start
VARNISH_MAX_THREADS=1000
#
# # Idle timeout for worker threads
VARNISH_THREAD_TIMEOUT=120
#
# # Cache file size: in bytes, optionally using k / M / G / T suffix,
# # or in percentage of available disk space using the % suffix.
VARNISH_STORAGE_SIZE=256M
#
# # Backend storage specification
VARNISH_STORAGE="malloc,${VARNISH_STORAGE_SIZE}"
#
# # Default TTL used when the backend does not specify one
VARNISH_TTL=120
#
# # DAEMON_OPTS is used by the init script.  If you add or remove options, make
# # sure you update this section, too.
DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
             -f ${VARNISH_VCL_CONF} \
             -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
             -t ${VARNISH_TTL} \
             -p thread_pool_min=${VARNISH_MIN_THREADS} \
             -p thread_pool_max=${VARNISH_MAX_THREADS} \
             -p thread_pool_timeout=${VARNISH_THREAD_TIMEOUT} \
             -u varnish -g varnish \
             -S ${VARNISH_SECRET_FILE} \
             -s ${VARNISH_STORAGE}"

Everything left to its default except VARNISH_LISTEN_PORT.

Varnish’ caching behavior is configured in /etc/varnish/default.vcl. Here, you can configure and do a lot. I went with an as minimal as possible configuration, which I can always expand when necessary.

# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the
# builtin VCL. The builtin VCL is called when there is no explicit
# return statement.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.

# Marker to tell the VCL compiler that this VCL has been adapted to the
# new 4.0 format.
vcl 4.0;

# Default backend definition. Set this to point to your content server.
backend backend01 {
    .host = "203.0.113.15";
    .port = "80";
}

sub vcl_recv {
        set req.http.X-Forwarded-For = client.ip;
        set req.backend_hint = backend01;
        if (req.url ~ "(?i)\.(css|js|jpg|jpeg|gif|png|ico)(\?.*)?quot;) {
            unset req.http.Cookie;
        }
        # Do not cache listed file extensions
        if (req.url ~ "\.(zip|sql|tar|gz|tgz|bzip2|bz2|mp3|mp4|m4a|flv|ogg|swf|aiff|exe|dmg|iso|box|qcow2)") {
            set req.http.X-Cacheable = "NO:nocache file";
            return (pass);
        }
}

sub vcl_backend_response {
        # Set cached objects to expire after 1 hour instead of the default 120 seconds.
        set beresp.ttl = 1h;
        if (bereq.url ~ "(?i)\.(css|js|jpg|jpeg|gif|png|ico)(\?.*)?quot;) {
            unset beresp.http.set-cookie;
        }
}

sub vcl_deliver {
        if (obj.hits > 0) {
               set resp.http.X-Cache = "HIT";
        } else {
               set resp.http.X-Cache = "MISS";
        }
}

Once the configuration is created and saved, it’s time to start Varnish Cache: service varnish start. If you want to start Varnish during system boot-up, make it permanent with chkconfig:

sudo chkconfig --add varnish
sudo chkconfig varnish on

Debugging Varnish configuration issues

By default, Varnish isn’t very verbose in its logging, so when the Varnish service doesn’t want to start you need to be able to debug and find the “why”. To debug Varnish’ start-up, use:

varnishd -C -f /etc/varnish/default.vcl

Errors and configuration issues are printed to stdout.

This may interest you:   Cache MySQL query results with PHP WinCache

Varnish and SSL/TLS

In Varnish 4.1, Varnish have added support for Willys PROXY protocol which makes it possible to communicate the extra details from a SSL-terminating proxy, such as HAProxy, to Varnish. Read the announcement for more details.

Varnish administration commands

Some administration commands for maintainging & administering Varnish are:

  • varnishlog – Display Varnish logs
  • varnishhist – Varnish request histogram
  • varnishstat – Varnish Cache statistics
  • varnishtop – Varnish log entry ranking

They all have manual pages.

Conclusion installing Varnish on CentOS

Installing Varnish on CentOS isn’t that hard, but configuring it can be… A lot depends on the web applications you’re caching for (WordPress, Drupal, Joomla, DNN, Umbraco), and where in your HTTP pipeline you want to put Varnish: in front of a web server or next to it for content offloading.

Go with a minimal configuration first, and build on that.

2 Comments

  1. sanjaynarayan83

    7 February 2018 at 18:41

    please change the repo url. it no longer works.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

shares