Centos Linux

How to Install Varnish Cache for Apache on CentOS/RHEL 8

Varnish Cache is a free open source, modern and high-performance web application accelerator. It is a fast reverse HTTP proxy that caches content to speed up your web server performance, by storing web content in server memory – in a cache. It is configured to run in front of an origin server such as Apache (HTTPD) webserver.

When a client requests for content, Varnish accepts the HTTP request, sends the request to the origin server, caches the returned objects, and replies to the client request. The next time the client requests for the same content, Varnish will serve it from the cache. This way, it reduces the response time and network bandwidth consumption on future equivalent requests.

Varnish also works as an HTTP request router, web application firewall, load balancer, and more. It is configured using the flexible Varnish Configuration Language (VCL) which is extensible using Varnish Modules (also known as VMODs), supports for Edge Side Includes (ESL), Gzip compression and decompression, and much more.

In this article, you will learn how to install Apache HTTPD web server and Varnish Cache 6 on a fresh CentOS/RHEL 8 server, including configuring Varnish to run in front of HTTPD server.

Prerequisites:

Step 1: Installing Apache Web Server on CentOS/RHEL 8

1. Begin by updating all installed software packages on the system as follows using the DNF command.

# dnf update

2. Next, run the following command to install the Apache HTTP web server from the AppStream repository.

# dnf install httpd

3. As soon as the installation is complete, start the httpd service, enable it to automatically start during system boot, and check its status to confirm that it is up and running, using the systemctl command.

# systemctl start httpd
# systemctl enable httpd
# systemctl status httpd

Verify Apache Web Server Status

4. By default CentOS/RHEL 8 includes a fully locked down firewall (run firewall-cmd –state to confirm). You must open access to the HTTP service in the firewall to allow users access websites or applications running over HTTP, and also reload the firewalld settings to apply the new changes.

# firewall-cmd --zone=public --permanent --add-service=http
# firewall-cmd --reload

Step 2: Installing Varnish Cache 6.4 on CentOS/RHEL 8

5. Now that the Apache web server is running, you can proceed further to install Varnish Cache on the system using the following command.

# dnf module install varnish

Install Varnish Cache on CentOS 8

6. After a successful installation, you can verify the version of Varnish installed on your system.

# varnishd -V

Check Varnish Version

7. Next, the main executable is installed as /usr/sbin/varnishd. Also, the Varnish configuration files are stored under the /etc/varnish directory, where:

  • /etc/varnish/default.vcl – is the main varnish configuration file written using VCL.
  • /etc/varnish/secret – is the varnish secret file.

8. Now start the varnish service, for now, enable it to automatically start during system boot in case of a server restart and check its status to ensure that it up and running as follows.

# systemctl start varnish
# systemctl enable varnish
# systemctl status varnish

Verify Varnish Cache Status

Step 3: Configuring Apache to Work with Varnish Cache

9. Now its time to configure Varnish Cache to run in front of the Apache service. By default the Apache server is configured to listen on port 80, this is defined in the main configuration file /etc/httpd/conf/httpd.conf.

Open it for editing using your favorite text editor.

# vi /etc/httpd/conf/httpd.conf

Look for the Listen parameter. To run Varnish in front of the Apache server, you should change the default port 80 to 8080 (or any other port of your choice) as shown in the following screenshot.

This port will be added as the backend server’s port in the Varnish configuration file later on.

Change Apache Default Port

Also, the virtual host configuration for each web site/application that will serve via Varnish should be configured to listen to the above port. Here is the configuration for our test site (/etc/httpd/conf.d/tecmint.lan.conf).

<VirtualHost *:8080>
    DocumentRoot "/var/www/html/tecmint.lan/"
    ServerName www.tecmint.lan
    # Other directives here
</VirtualHost>

Apache Virtual Host Configuration

Important: To prevent the default Apache HTTP server test page from ever being used, comment out all the lines in the file /etc/httpd/conf.d/welcome.conf or simply delete the file.

# rm /etc/httpd/conf.d/welcome.conf 

10. Next, test the httpd configuration syntax for any errors. If it’s OK, restart the httpd service to apply the new changes.

# httpd -t
# systemctl restart httpd

Check Apache Configuration

Configuring Varnish for Systemd

11. To deploy Varnish in front of HTTPD, you simply need to configure it to listen to client requests in the default HTTP port 80 as explained below.

Note that in Varnish Cache 6.0 and higher, you have to set the port varnish server listens on in the Varnish service file for systemd. First, open it for editing.

# systemctl edit --full  varnish

Look for the ExecStart line, then change the value of the -a switch (which specifies the varnish listen to the address and port) from :6081 to :80 as indicated in the following screenshot.

Importantly, if you do not specify an address, varnishd will listen on all available IPv4 and IPv6 interfaces active on the server.

ExecStart=/usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m

Change Varnish Listen Port

Save the changes in the file and exit.

Configuring Varnish Backend Servers using VCL

12. Now, you need to configure the origin server, known in Varnish terminology as a backend. It is the server that understands HTTP, Varnish talks to, to fetch content – httpd in this case. It is configured in the main configuration file /etc/varnish/default.vcl.

# vi /etc/varnish/default.vcl 

There is a default backend configuration section called default. You may change “default” to server1 (or any name of your choice to meet your environment standards). By default, the host parameter points to the localhost, on assumption that the backend server is running on the localhost.

Then set the port to 8080 (the port you defined in Apache virtual host configuration file) as shown in the screenshot.

backend server1 {
    .host = "127.0.0.1";
    .port = "8080";
}

Configure Varnish Backend Servers

If your backend server is running on a different host, for example, another server with address 10.42.1.10, then the host parameter should point to this IP address.

backend server1 {
    .host = "10.42.1.10";
    .port = "8080";
}

Save the file and close it.

13. After making all the necessary changes concerning Varnish, reload the systemd manager configuration to reflect the new changes in the Varnish service file and also restart the Varnish service to apply the overall changes.

# systemctl daemon-reload
# systemctl restart varnish

14. At this point, Varnish and Apache should now be listening on port 80 and 8080 respectively. You can confirm this using the socket statistics command.

# ss -tpln

Check Varnish and Apache Listening Sockets

Step 4: Testing Varnish Cache and Apache Setup

14. To test the Varnish Cache-HTTPD setup, open a web browser, and navigate using the server IP or FQDN as shown in the following screenshot.

http://10.42.0.144
OR
http://www.tecmin.lan

Then check if web pages are being served via Varnish Cache as follows. Check the HTTP headers by right-clicking on the displayed web page, select Inspect to open the developer tools, then click the Network tab, and reload the page. Then select a request to view the HTTP headers to confirm this as shown in the following screenshot.

Check Web Page is Served via Varnish Cache

Alternatively, you can run the following curl command to verify it.

# curl -I http:///10.42.0.144
OR
#curl -I http:///www.tecmint.lan

Check Varnish and Apache Setup

Useful Varnish Cache Utility Programs

15. Let’s end this guide by looking at some of the useful programs that the Varnish Cache distribution comes with. They include utilities for varnish cache administration, displaying detailed log records, and view varnish performance statistics as described below.

varnishadm

The first is varnishadm which is used to administer a running Varnish instance. It establishes a command-line interface connection to varnishd. It can affect a running instance of Varnish by starting and stopping varnishd, changing configuration parameters, reloading the VCL, listing backends, and more.

# varnishadm
> backend.list

Administer Varnish Using Varnishadm Tool

For more information, read man varnishadm.

varnishlog

The next program is varnishlog which is used to access request-specific data (i.e information about specific clients and requests). It provides large amounts of information, thus it is usually necessary to filter it.

# varnishlog

Varnishlog – Check Varnish Cache Performance

For more information, read the man varnishlog.

varnishstat

We also have varnishstat (varnish statistics) which is used to access overall statistics such as the number of total requests, number of objects, and more.

# varnishstat

varnishstat – Show Varnish Statistics

For more information, read the man varnishstat.

varnishtop

Then we have varnishtop which a utility that reads the Varnish log and presents a continuously updated list of the most commonly occurring log entries.

# varnishtop 

varnishtop – Reads Varnish Logs

For more information, read the man varnishtop.

varnishhist

Another useful utility is varnishhist (varnish history) utility reads Varnish logs and presents a continuously updated histogram showing the distribution of the last N requests by their processing.

# varnishhist

varnishstat – Show Varnish Log History

For more information, read the man varnishhist.

There you have it! You have successfully deployed Varnish Cache to accelerate your web application content served using Apache HTTP Server on CentOS/RHEL 8.