Objective
The objective is to install and configure a Varnish Cache server with Nginx on Ubuntu 18.04 Bionic Beaver Linux. Varnish is a fast caching server which sits in front of any web server and serves previously cached pages, hence, improving the website’s response time.
Operating System and Software Versions
- Operating System: – Ubuntu 18.04 Bionic Beaver Linux
- Software: – Varnish 5.2 or higher
Requirements
Privileged access to your Ubuntu System as root or via sudo command is required.
Difficulty
MEDIUM
Conventions
- # – requires given linux commands to be executed with root privileges either directly as a root user or by use of
sudocommand - $ – requires given linux commands to be executed as a regular non-privileged user
Instructions
Install Varnish and Nginx
Let’s start by install Varnish and Nginx services. If you already have Nginx web server running on this or another system simply install varnish only by removing the Nginx keyword from the bellow command:
$ sudo apt -y install varnish nginx
Use the ss command to confirm your installation status:
$ ss -tlnf inet
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:5355 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:6081 0.0.0.0:*
LISTEN 0 10 127.0.0.1:6082 0.0.0.0:*
After successful installation your Nginx server Line 4should be listening on port 80. Varnish on Lines 6,7is using both 6081 and 6082 ports.
Configure Nginx Server
The role of Nginx server is to sit behind Varnish cache server, hence we need to reconfigure its default port 80 to some other listening port eg. 8080. To do so open your favorite text editor eg. nano and edit the default site:
$ sudo nano /etc/nginx/sites-available/default
Once in editing mode change Lines 2 & 3 from default port 80 to alternative port 8080 as shown below:
server {
listen 8080 default_server;
listen [::]:8080 default_server;
When ready, save your new settings and reload Nginx server:
$ sudo service nginx reload
Nginx should now be listening on new default port 8080 as shown on Line 4 from the ss command output:
$ ss -tlnf inet
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:5355 0.0.0.0:*
LISTEN 0 128 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:6081 0.0.0.0:*
LISTEN 0 10 127.0.0.1:6082 0.0.0.0:*
Optionally you can change the default index page:
$ sudo sed -i 's/nginx/Varnish cache server on Nginx/g' /var/www/html/index.nginx-debian.html
Setup Varnish Cache Server
Since we want to route traffic from Nginx via Varnish cache server the aim now is to reconfigure Varnish cache server to listen on port 80 thus act as a front to all public HTTP requests. To do so edit its systemd configuration file /lib/systemd/system/varnish.service:
$ sudo nano /lib/systemd/system/varnish.service
Edit Line 9 and change default port 6081 to port 80 as shown bellow:
[Unit]
Description=Varnish HTTP accelerator
Documentation=https://www.varnish-cache.org/docs/4.1/ man:varnishd
[Service]
Type=simple
LimitNOFILE=131072
LimitMEMLOCK=82000
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
ExecReload=/usr/share/varnish/varnishreload
ProtectSystem=full
ProtectHome=true
PrivateTmp=true
PrivateDevices=true
[Install]
WantedBy=multi-user.target
Next, we need to instruct Varnish to rely on Nginx port 8080. Edit /etc/varnish/default.vcl
$ sudo nano /etc/varnish/default.vcl
Once you have the file opened provide the Varnish server with your Nginx socket information.
In case your Nginx server resides on the same host as Varnish server leave the Line 3without any change, otherwise enter your Nginx IP address. The port number of our Nginx server is 8080, if you have different configuration edit Line 4appropriately:
# Default backend definition. Set this to point to your content server.
backend default {
.host = "127.0.0.1";
.port = "8080";
}Almost ready! All what remains is to reload systemd daemon and restart the Varnish cache server:
$ sudo systemctl daemon-reload $ sudo service varnish restart
All done, once again use the ss command to confirm the Varnish Line 4and NginxLine 5ports:
$ ss -tlnf inet
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:5355 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 10 127.0.0.1:6082 0.0.0.0:*
In case you are using the UFW firewall follow our guide on how to enable incoming traffic on HTTP and HTTPS ports on your Ubuntu server.
Testing Varnish Cache Server
This simplest way to test your Varnish Cache server configuration is by the curl command. Given that your Varnish Cache server IP address can be resolved via varnish-server-ubuntu hostname enter:
$ curl -I varnish-server-ubuntu
The below output on Line 2shows that we are using Nginx server via Varnish Cache Line 10:
HTTP/1.1 200 OK
Server: nginx/1.13.6 (Ubuntu)
Date: Thu, 22 Feb 2018 03:50:52 GMT
Content-Type: text/html
Last-Modified: Thu, 22 Feb 2018 03:08:27 GMT
ETag: W/"5a8e342b-324"
Vary: Accept-Encoding
X-Varnish: 2
Age: 0
Via: 1.1 varnish (Varnish/5.2)
Accept-Ranges: bytes
Connection: keep-alive
Next, most importantly check your configuration via a web browser by using the following URL http://varnish-server-ubuntu/:
Futhremore, you can check some Varnish Caching statisticis by using the varnishstat command:
$ sudo varnishstat
