How To Install & Configure Varnish HTTP Cache on Ubuntu
All the steps, configurations and installations you need to know how to install and configure Varnish HTTP cache in Linux
What is Varnish?
Varnish Caché has been conceived as a web application accelerator, or also known as an HTTP cache reverse proxy. It can be installed on any server that uses HTTP and is configured to cache the contents of that server. Varnish Cache is fast, as a rule, speeds up the delivery with a factor of 300 – 1000x, depending on the architecture used.
Varnish can be installed in FreeBSD, ArchLinux, Debian, Ubuntu, RedHat, OpenBSD and more.
Step 1: Install Apache Server
The first step to take will be to install the Apache server on the server, and for that, we will first update the system packages by executing the following:
sudo apt update
Once updated, we proceed to the installation of Apache2 by running the following line:
sudo apt install -y apache2
Once installed Apache in Ubuntu 17, we proceed to execute the following commands:
systemctl start apache2 (Start the Apache service) systemctl enable apache2 (Enables Apache to be run at the start of Ubuntu)
With this process, we have installed the Apache web server.
Step 2: Configure Firewall Permissions
Now, it will be necessary to allow the HTTP and HTTPS protocols in our firewall rule and by default, Ubuntu has a firewall package called UFW and it is disabled, for its activation we execute the following line:
sudo ufw enable
Once enabled, we execute the following lines in order to grant permission to the indicated protocols:
sudo ufw allow ssh sudo ufw allow http sudo ufw allow https
With these ports added access from outside the network will be possible.
If we want to validate the Apache web server, we can use the netstat command and verify that Apache runs under port 80:
netstat -plntu
Or, execute the following:
curl -I localhost
Step 3: Edit Default Port of Apache
One option that we have when using Apache, is that it is used as a backend and therefore does not run with the known and defined default port 80, therefore, if we want to edit the Apache port, we must access the ports file. conf and configuration of the virtual host in the sites-available directory.
First of all we access the Apache directory:
cd /etc/apache2
We will replace port 80 by 8080 in the Apache ports.conf configuration and all the virtual host files in the sites-available directory, this will be possible by executing the following sed commands:
sed -i -e 's/80/8080/g' ports.confsed -i -e 's/80/8080/g' sites-available/*
Or if we want, directly access the file with the desired editor:
nano ports.conf
There, edit the new port:
Save the changes using the Ctrl + O keys and we exit using Ctrl + X.
We can validate that the Apache syntax does not contain errors by executing the following commands:
apachectl configtest systemctl restart apache2
Now, we check that Apache has defined the new 8080 port as the listener by executing the netstat -plntu line.
Step 4: Install Varnish
The time has come to install the Varnish utility in Ubuntu and for this we execute the following line:
sudo apt install -y varnish
Once the installation process is finished, we execute the following lines:
systemctl start varnish (Start Varnish service) systemctl enable varnish
By default, Varnish runs with ports 6081 for the public IP address and 6082 for the local server address, we can check it using the netstat command:
netstat -plntu
Step 5: Configure Varnish as Reverse Proxy for Apache
At this point, Varnish will be executed on port 80, and each client request will be handled by it, before being sent to the Apache web server that is being executed on port 8080.
Backend configuration:
For this, we will go to the Varnish directory
cd /etc/varnish/
Now, we will create a backup of the default.vcl directory:
cp default.vcl default.vcl.aseli
Now we access the directory using the desired editor:
sudo nano default.vcl
Once we access it, we must define the back-end configuration on line 16. The backend for this Apache case must be running on port 8080.
The lines must have the following structure:
backend default { .host = "127.0.0.1"; .port = "8080"; }
We can save the changes using the Ctrl + O keys and exit the editor using Ctrl + X.
Step 6: Run Varnish on Port 80
The next step is to change the default Varnish ports.
The default ports of the application are 6081 and 6082, and it will be necessary to change the port to the HTTP port 80 (only for the public address).
In this case we will use the following lines:
cd /etc/default/ sudo nano varnish
In this file we will place the line DAEMON_OPTS and we will edit port 6081 by 80, being as follows:
DAEMON_OPTS="-a :80 \ -T localhost:6082 \ -f /etc/varnish/default.vcl \ -S /etc/varnish/secret \ -s malloc,256m"
We save the changes and leave the editor. Next, we will edit the Varnish service file called barnish.service.
For this we will go to the / lib / systemd / system directory and edit the service file using the desired editor:
cd /lib/systemd/system/sudo nano varnish.service
There we will go to the ExecStart line and edit the port 6081 by 80, leaving the line in this way:
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
Save the changes and leave the editor.
We proceed to recharge the Varnish services for the changes to be applied:
systemctl daemon-reload systemctl restart varnish
We can validate that Varnish is running on port 80:
netstat -plntu
Step 7: Validate Varnish
We can perform the validation by executing the following line:
curl -I localhost
We can access from a browser using the IP address of the server to verify that Apache is correctly installed:
http://IP_Address
Finally, if we want to review the Varnish events, we execute the following line:
Varnishncsa
We have seen how Varnish is a useful tool to increase the speed of our Apache server and thus access much faster web elements hosted there.