CentOSLinuxTutorials

How To Install Varnish Cache on CentOS

Install Varnish Cache on CentOS

In this tutorial, we will show you how to install Varnish Cache on CentOS. Improving website performance is a critical aspect of managing a successful web server. One of the most effective ways to enhance your site’s speed is by implementing a caching solution like Varnish Cache. As a high-performance HTTP accelerator, Varnish Cache significantly reduces server load and improves response times by storing web content in memory. This comprehensive guide will walk you through the process of installing and configuring Varnish Cache on CentOS, helping you optimize your web server’s performance with this powerful caching solution.

What is Varnish Cache and Why Use It?

Varnish Cache is a powerful open-source HTTP accelerator and reverse proxy designed specifically for improving web server performance. Unlike traditional caching systems, Varnish operates in memory, making it exceptionally fast and efficient at delivering content to users. By sitting in front of your web server and caching frequently accessed content, Varnish can dramatically reduce the load on your backend servers while simultaneously enhancing user experience through faster page load times.

The primary benefits of implementing Varnish Cache include:

  • Significantly improved website response times, often by a factor of 300-1000x
  • Reduced backend server load, allowing your infrastructure to handle more concurrent users
  • Lower bandwidth usage through efficient content delivery
  • Better handling of traffic spikes without affecting performance
  • Flexible configuration through the Varnish Configuration Language (VCL)
  • Effective load balancing capabilities for distributing traffic across multiple backend servers

Varnish Cache is particularly beneficial for content-heavy websites, e-commerce platforms, and high-traffic applications where performance is critical to user satisfaction and business success.

Prerequisites for Installing Varnish Cache

Before beginning the installation process, ensure that your system meets the following requirements:

  • A CentOS 7 or CentOS 8 system with root or sudo access
  • Minimum of 1GB RAM (though 2GB or more is recommended for production environments)
  • At least 20GB of disk space
  • Basic knowledge of Linux command line operations
  • Familiarity with web server configurations (Apache or Nginx)
  • A properly configured web server (we’ll be covering both Apache and Nginx integrations)

You’ll also need to ensure your system is up-to-date before proceeding with the installation:

sudo yum update -y

This command updates all packages on your system to their latest versions, which helps avoid compatibility issues during the installation process.

Understanding Varnish Architecture

To effectively implement Varnish Cache, it’s important to understand how it works within your web infrastructure. Varnish operates as a reverse proxy, sitting between your users and your web server. When a user requests content, Varnish first checks if it has a cached copy available in memory. If it does (a cache hit), Varnish serves this content directly to the user without involving the backend server.

The key components of the Varnish architecture include:

  • The Management Process: Handles configuration and monitoring
  • The Child Process: Performs the actual caching operations
  • Varnish Configuration Language (VCL): A powerful, flexible scripting language for defining caching policies
  • Memory Storage (malloc): The primary storage mechanism for cached objects

Varnish utilizes a storage engine (typically malloc) to allocate memory for cached content. The default configuration typically allocates 256MB, but this can be increased based on your server’s available resources and the volume of content you need to cache.

Installation on CentOS 7

Step 1: Adding Required Repositories

First, install the EPEL repository, which contains dependencies required for Varnish:

sudo yum install -y epel-release

Next, install the necessary dependencies:

sudo yum install -y pygpgme yum-utils

Now, create the Varnish repository configuration file:

sudo nano /etc/yum.repos.d/varnishcache_varnish60lts.repo

Add the following content to the file:

[varnishcache_varnish60lts]
name=varnishcache_varnish60lts
baseurl=https://packagecloud.io/varnishcache/varnish60lts/el/7/x86_64
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/varnishcache/varnish60lts/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

Update the yum cache to include the new repository:

sudo yum -q makecache -y --disablerepo='*' --enablerepo='varnishcache_varnish60lts'

Step 2: Installing Varnish

Now that the repository is configured, install Varnish with the following command:

sudo yum install -y varnish

After installation completes, start the Varnish service and enable it to start automatically on system boot:

sudo systemctl start varnish
sudo systemctl enable varnish

Verify that Varnish is running correctly:

sudo systemctl status varnish

You should see output indicating that Varnish is active and running.

Installation on CentOS 8

Installing Varnish on CentOS 8 requires a slightly different approach due to changes in the package management system.

Step 1: Disabling the Default Varnish Module

On CentOS 8, you first need to disable the default Varnish module:

sudo dnf module disable varnish

Step 2: Installing EPEL Repository

Install the EPEL repository to access the required dependencies:

sudo yum install -y epel-release

Step 3: Setting Up the Varnish Repository

Source the operating system release file to make OS-related variables available:

. /etc/os-release

Create the Varnish repository configuration file:

sudo tee /etc/yum.repos.d/varnishcache_varnish60lts.repo > /dev/null <<-EOF
[varnishcache_varnish60lts]
name=varnishcache_varnish60lts
baseurl=https://packagecloud.io/varnishcache/varnish60lts/el/${VERSION_ID%%.*}/$(arch)
repo_gpgcheck=0
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/varnishcache/varnish60lts/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300
EOF

Step 4: Installing Varnish

Install Varnish with the following command:

sudo yum install -y varnish

Start and enable the Varnish service:

sudo systemctl start varnish
sudo systemctl enable varnish

Verify the installation:

varnishd -V
sudo systemctl status varnish

These commands will display the Varnish version and confirm that the service is running properly.

Basic Varnish Configuration

After installing Varnish, you’ll need to configure it to work with your web server. The main Varnish configuration files are located in the /etc/varnish/ directory:

  • /etc/varnish/default.vcl: The main VCL configuration file
  • /etc/varnish/varnish.params (CentOS 7) or /usr/lib/systemd/system/varnish.service (CentOS 8): Contains runtime parameters

Changing the Default Listening Port

By default, Varnish listens on port 6081, but you’ll typically want it to listen on port 80 (the standard HTTP port). To change this, edit the service configuration:

sudo systemctl edit --full varnish

Find the ExecStart line and modify it to listen on port 80:

ExecStart=/usr/sbin/varnishd \
  -a :80 \
  -f /etc/varnish/default.vcl \
  -s malloc,256m

You can also increase the memory allocation from the default 256MB to a larger value based on your server’s resources.

Configuring the Backend Server

The default.vcl file defines how Varnish interacts with your backend server. Open the file for editing:

sudo nano /etc/varnish/default.vcl

The basic configuration looks like this:

vcl 4.0;

backend default {
    .host = "127.0.0.1";
    .port = "8080";
}

This configuration tells Varnish to fetch content from a backend server running on the same machine (127.0.0.1) on port 8080. You’ll need to adjust these settings based on your actual backend server configuration.

After making changes to the configuration files, restart Varnish to apply them:

sudo systemctl daemon-reload
sudo systemctl restart varnish

Integrating Varnish with Apache

To set up Varnish with Apache, you’ll need to configure Apache to listen on a different port (commonly 8080) while Varnish listens on the standard HTTP port (80).

Step 1: Installing Apache

If you haven’t already installed Apache, do so with the following command:

sudo yum install -y httpd

Step 2: Configuring Apache

Edit the Apache configuration file to change the listening port:

sudo nano /etc/httpd/conf/httpd.conf

Find the line that begins with Listen 80 and change it to:

Listen 127.0.0.1:8080

This configuration tells Apache to listen only on the local interface on port 8080, allowing Varnish to handle public requests on port 80.

Step 3: Starting and Enabling Apache

Start and enable the Apache service:

sudo systemctl start httpd
sudo systemctl enable httpd

Step 4: Creating a Test Page

Create a simple test page to verify that your setup works correctly:

echo "

Varnish Test Page

This page is being served through Varnish Cache.

" | sudo tee /var/www/html/index.html

Step 5: Testing the Configuration

After configuring both Varnish and Apache, test your setup by accessing your server’s IP address in a web browser. If everything is configured correctly, you should see the test page, and it should load very quickly on subsequent refreshes as Varnish caches the content.

Advanced Varnish Configuration

Once you have Varnish running with a basic configuration, you can implement more advanced features to optimize performance and customize caching behavior.

Customizing VCL Rules

The Varnish Configuration Language (VCL) allows you to create sophisticated caching rules. Here’s an example of a more advanced VCL configuration:

vcl 4.0;

backend default {
    .host = "127.0.0.1";
    .port = "8080";
    .probe = {
        .url = "/health.php";
        .timeout = 2s;
        .interval = 5s;
        .window = 5;
        .threshold = 3;
    }
}

sub vcl_recv {
    # Only cache GET and HEAD requests
    if (req.method != "GET" && req.method != "HEAD") {
        return (pass);
    }
    
    # Don't cache authenticated content
    if (req.http.Authorization) {
        return (pass);
    }
    
    # Remove cookies for static content
    if (req.url ~ "\.(jpg|jpeg|png|gif|ico|css|js)$") {
        unset req.http.Cookie;
    }
    
    return (hash);
}

sub vcl_backend_response {
    # Set cache time for different content types
    if (beresp.http.Content-Type ~ "text/html") {
        set beresp.ttl = 1h;
    } elsif (beresp.http.Content-Type ~ "text/css") {
        set beresp.ttl = 24h;
    } elsif (beresp.http.Content-Type ~ "application/javascript") {
        set beresp.ttl = 24h;
    } elsif (beresp.http.Content-Type ~ "image/") {
        set beresp.ttl = 48h;
    }
    
    return (deliver);
}

This configuration includes backend health checks, conditional caching based on request type, and different TTL (Time To Live) values for various content types.

Cache Control and TTL Settings

You can customize how long different types of content remain in the cache using TTL settings. For example, static content like images can have longer TTL values, while dynamic content might need shorter ones. Here’s how to set different TTL values:

sub vcl_backend_response {
    # Set default TTL
    set beresp.ttl = 1h;
    
    # Custom TTL for specific content
    if (bereq.url ~ "^/news/") {
        set beresp.ttl = 5m;  # News content expires quickly
    } elsif (bereq.url ~ "^/static/") {
        set beresp.ttl = 1d;  # Static content lives longer
    }
    
    return (deliver);
}

These settings determine how long content remains in the cache before Varnish requests a fresh copy from the backend server.

Performance Tuning Tips

To get the most out of Varnish Cache, consider these performance optimization tips:

Memory Allocation

Adjust the malloc parameter to allocate an appropriate amount of memory for your cache:

-s malloc,4G

This example allocates 4GB of memory for the cache. The optimal value depends on your server’s available memory and the size of the content you’re caching.

Thread Pools Configuration

Configure thread pools to optimize performance:

-p thread_pool_min=50 \
-p thread_pool_max=1000 \
-p thread_pool_timeout=300

These settings control the number of worker threads Varnish uses to handle requests.

Workspace Settings

Adjust workspace parameters if you encounter issues with large headers:

-p workspace_client=256k \
-p workspace_backend=256k

These settings increase the buffer space for request and response handling.

HTTP Response Size Settings

If you encounter 503 errors due to large response headers, adjust the HTTP response parameters:

-p http_resp_hdr_len=65536 \
-p http_resp_size=98304

These settings increase the maximum size of HTTP headers and responses that Varnish can handle.

Security Considerations

Securing your Varnish installation is essential for protecting your web infrastructure:

Restricting Access to Admin Interface

The Varnish admin interface should not be publicly accessible. Configure your firewall to restrict access:

sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="trusted-ip-address" port port="6082" protocol="tcp" accept'
sudo firewall-cmd --reload

Secret File Configuration

Ensure the Varnish secret file has appropriate permissions:

sudo chmod 600 /etc/varnish/secret

This file contains a shared secret used for authentication with the Varnish admin interface.

Using a Non-Root User

For additional security, configure Varnish to run as a non-root user:

-u varnish -g varnish

This reduces the potential impact of security vulnerabilities.

Troubleshooting Common Issues

Even with careful configuration, you may encounter issues with your Varnish setup. Here are solutions to common problems:

Varnish Service Won’t Start

If Varnish fails to start, check the service status and logs:

sudo systemctl status varnish
sudo journalctl -u varnish

Common causes include:

  • Configuration syntax errors in the VCL file
  • Port conflicts (another service is already using the specified port)
  • Insufficient memory for the allocated cache size

Cache Bypassing Issues

If content isn’t being cached as expected, check your VCL configuration:

varnishlog -g request -q "ReqURL eq '/your-url'"

This command shows the processing of a specific URL, helping you identify why it might be bypassing the cache.

Memory-Related Issues

If Varnish is consuming excessive memory or experiencing frequent restarts due to OOM (Out of Memory) errors, adjust the memory allocation and consider implementing the following environment variable for jemalloc optimization:

MALLOC_CONF="thp:never,narenas:2,dirty_decay_ms:5000,muzzy_decay_ms:5000"

Add this to your Varnish service configuration using:

sudo systemctl edit varnish

And add the following lines:

[Service]
Environment="MALLOC_CONF=thp:never,narenas:2,dirty_decay_ms:5000,muzzy_decay_ms:5000"

This configuration has been shown to help stabilize memory usage on CentOS 8 systems.

Monitoring Varnish Performance

Monitoring is crucial for ensuring optimal performance and troubleshooting issues:

Using varnishstat

The varnishstat command provides real-time statistics about your Varnish instance:

varnishstat

Key metrics to monitor include:

  • Cache hit ratio (MAIN.cache_hit and MAIN.cache_miss)
  • Backend response time
  • Memory usage
  • Request rate

For specific metrics, use:

varnishstat -f MAIN.cache_hit

This shows only the cache hit counter.

Using varnishhist

The varnishhist tool provides a graphical representation of response times:

varnishhist

This shows a histogram of response times, with cache hits and misses represented differently.

Setting Up External Monitoring

For more comprehensive monitoring, consider integrating Varnish with monitoring systems like Prometheus, Grafana, or commercial solutions. These tools can provide detailed insights into cache performance and alert you to potential issues.

Real-world Implementation Examples

Understanding how Varnish is used in real-world scenarios can help you implement it effectively in your own environment:

E-commerce Website

For an e-commerce site, you might configure Varnish to:

  • Cache product images and static assets with long TTLs
  • Exclude shopping cart and checkout pages from caching
  • Implement user-specific caching using cookies or headers
  • Use edge-side includes (ESI) for personalized content within cached pages

Content-heavy Website

For a content site like a news portal or blog:

  • Cache article pages for moderate durations (30-60 minutes)
  • Implement cache invalidation when content is updated
  • Use different cache strategies for homepage (short TTL) vs. archival content (longer TTL)
  • Implement mobile device detection for device-specific caching

These examples demonstrate how Varnish configuration can be tailored to specific use cases for optimal performance.

Congratulations! You have successfully installed Varnish. Thanks for using this tutorial for installing Varnish Cache on your CentOS system. For additional help or useful information, we recommend you check the official Varnish website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!

Save

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Back to top button