UbuntuUbuntu Based

How To Install Varnish on Ubuntu 24.04 LTS

r00t

Install Varnish on Ubuntu 24.04

Varnish Cache is a powerful HTTP accelerator designed to significantly enhance the performance of content-heavy dynamic websites. As a caching HTTP reverse proxy, Varnish stores copies of your web pages in memory, dramatically reducing backend server load and delivering content to users at lightning-fast speeds. Whether you’re running a high-traffic blog, e-commerce site, or enterprise application on Ubuntu 24.04 LTS, implementing Varnish can transform your website’s performance.

In this comprehensive guide, we’ll walk through the complete process of installing and configuring Varnish Cache on Ubuntu 24.04 LTS with an Apache backend. You’ll learn how to set up, optimize, and troubleshoot Varnish to achieve optimal caching performance for your web applications.

What is Varnish Cache?

Varnish Cache functions as a web application accelerator that sits in front of your web server, intercepting and handling incoming HTTP requests. Unlike traditional caching mechanisms, Varnish is specifically designed as a caching HTTP reverse proxy that stores copies of web pages in memory. This approach allows it to serve cached responses directly to users without querying the backend server, dramatically reducing response times.

Key features that make Varnish stand out include:

  • Performance acceleration of up to 1000x faster content delivery
  • Private CDN capabilities for distributed content delivery
  • Built-in Gzip compression and decompression
  • HTTP streaming for efficient content transfer
  • Highly customizable caching rules via VCL (Varnish Configuration Language)
  • Load balancing capabilities for distributed environments

What sets Varnish apart from other caching solutions is its architecture, which is optimized for high-performance HTTP acceleration rather than general-purpose caching. By focusing specifically on HTTP caching, Varnish achieves remarkable speed improvements for web applications.

Prerequisites

Before beginning the Varnish installation process, ensure your system meets the following requirements:

  • A server running Ubuntu 24.04 LTS
  • Root or sudo access to the server
  • Basic familiarity with Linux command line operations
  • Minimum 2GB RAM (4GB recommended for production environments)
  • At least 20GB of available disk space
  • A properly configured network connection

Additionally, you should have a basic understanding of web server operations and HTTP protocols. While this guide walks through each step in detail, having this background knowledge will help you better understand the configuration process.

Step 1: System Preparation

Let’s begin by ensuring your Ubuntu system is up-to-date with the latest package information and necessary dependencies.

First, update your system’s package index and upgrade existing packages:

sudo apt update
sudo apt upgrade -y

Next, install essential dependencies that Varnish requires:

sudo apt install make automake autotools-dev libedit-dev libjemalloc-dev libncurses-dev libpcre3-dev libtool pkg-config python3-docutils python3-sphinx graphviz autoconf-archive libpcre2-dev curl git

Before proceeding, check if any services are currently running on port 80, as Varnish will need to use this port:

sudo netstat -tulpn | grep :80

If any services are using port 80, you’ll need to stop them or configure them to use a different port before continuing with the installation.

Step 2: Installing Apache Web Server

Since we’ll be using Apache as our backend server, we need to install and configure it first:

sudo apt install apache2

After installation, verify that Apache is running correctly:

sudo systemctl status apache2

You should see output indicating that Apache is active and running. To further verify, open a web browser and navigate to your server’s IP address. You should see the default Apache page.

Apache will serve as the backend for Varnish, handling the actual content generation before Varnish caches and delivers it to users. This separation of concerns allows each component to focus on what it does best: Apache generates dynamic content, while Varnish optimizes its delivery.

Step 3: Configuring Apache for Varnish

Since Varnish will handle incoming requests on port 80, we need to reconfigure Apache to listen on a different port. The standard approach is to change Apache’s listening port from 80 to 8080:

sudo nano /etc/apache2/ports.conf

In this file, change:

Listen 80

to:

Listen 8080

Additionally, if you have SSL enabled, change the SSL port from 443 to 4433:

Listen 443

to:

Listen 4433

Next, you need to update any virtual host configurations to reflect this port change. Edit each virtual host file in the /etc/apache2/sites-available/ directory:

sudo nano /etc/apache2/sites-available/000-default.conf

Change the <VirtualHost *:80> line to <VirtualHost *:8080>.

After making these changes, restart Apache to apply the new configuration:

sudo systemctl restart apache2

Verify that Apache is now listening on port 8080:

sudo netstat -tulpn | grep :8080

Step 4: Adding Varnish Repository

While Varnish is available in Ubuntu’s default repositories, it’s generally recommended to use the official Varnish repository to ensure you get the latest stable version with all security updates.

First, let’s add the GPG key for the Varnish repository:

curl -fsSL https://packagecloud.io/varnishcache/varnish70/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/varnish-archive-keyring.gpg

Next, create a repository source file:

echo "deb [signed-by=/usr/share/keyrings/varnish-archive-keyring.gpg] https://packagecloud.io/varnishcache/varnish70/ubuntu/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/varnish.list

Update your package lists to include the new repository:

sudo apt update

Step 5: Installing Varnish Cache

Now that we’ve added the Varnish repository, we can install Varnish:

sudo apt install varnish

After installation completes, verify that Varnish was installed correctly:

varnishd -V

This command should display the version information of your Varnish installation.

The installation places Varnish files in several locations:

  • Configuration files: /etc/varnish/
  • Default VCL file: /etc/varnish/default.vcl
  • Systemd service file: /lib/systemd/system/varnish.service
  • Log files: /var/log/varnish/

Step 6: Configuring Varnish Backend

Now we need to configure Varnish to use Apache as its backend server. Open the default VCL configuration file:

sudo nano /etc/varnish/default.vcl

At the beginning of this file, you’ll find the backend definition. Ensure it points to your Apache server:

vcl 4.1;

backend default {
    .host = "127.0.0.1";
    .port = "8080";
}

This configuration tells Varnish to forward requests to Apache running on localhost port 8080. You can also add additional settings to the backend definition:

backend default {
    .host = "127.0.0.1";
    .port = "8080";
    .connect_timeout = 600s;
    .first_byte_timeout = 600s;
    .between_bytes_timeout = 600s;
    .max_connections = 800;
}

These parameters help you fine-tune the connection between Varnish and Apache for optimal performance.

Step 7: Configuring Varnish to Listen on Port 80

By default, Varnish listens on port 6081. We need to reconfigure it to listen on port 80 instead. Edit the Varnish systemd service file:

sudo systemctl edit varnish

Add the following content:

[Service]
ExecStart=
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m

This overrides the default ExecStart command and configures Varnish to listen on port 80 instead of the default 6081. We’re also allocating 256MB of memory for the cache, which you can adjust based on your server’s resources.

After saving the file, reload the systemd daemon to apply the changes:

sudo systemctl daemon-reload

Step 8: Advanced VCL Configuration

The Varnish Configuration Language (VCL) allows you to customize how Varnish handles requests and caching behavior. Here’s an example of some useful VCL configurations you can add to your default.vcl file:

sub vcl_recv {
    # Cache static files
    if (req.url ~ "\.(png|jpg|jpeg|gif|css|js|woff|woff2)$") {
        unset req.http.Cookie;
        return(hash);
    }
    
    # Don't cache admin or login pages
    if (req.url ~ "^/wp-admin" || req.url ~ "^/login" || req.url ~ "^/admin") {
        return(pass);
    }
}

sub vcl_backend_response {
    # Set longer TTL for static content
    if (bereq.url ~ "\.(png|jpg|jpeg|gif|css|js|woff|woff2)$") {
        set beresp.ttl = 7d;
    }
    
    # Default TTL for other content
    set beresp.ttl = 1h;
}

This configuration provides different caching rules for static files and dynamic content. Static files like images and CSS are cached for a longer period (7 days), while other content is cached for 1 hour. Additionally, administrative pages are excluded from caching.

You can customize these rules based on your specific website’s needs and content types.

Step 9: Starting and Enabling Varnish

Now that we’ve configured Varnish, let’s start the service and enable it to start automatically on system boot:

sudo systemctl start varnish
sudo systemctl enable varnish

Verify that Varnish is running correctly:

sudo systemctl status varnish

You should see output indicating that the Varnish service is active and running.

Step 10: Testing Varnish Configuration

To verify that Varnish is working correctly and serving cached content, we can use the curl command to inspect HTTP headers:

curl -I http://localhost

Look for headers that indicate Varnish is processing the request. You should see headers like Via: 1.1 varnish and X-Varnish in the response.

You can also use the following command to view more detailed information about the request:

curl -v http://localhost

To check if Varnish is listening on port 80:

sudo netstat -tulpn | grep varnishd

This should show Varnish listening on port 80.

Performance Tuning for Varnish

To get the most out of Varnish, consider these performance tuning recommendations:

Memory Allocation

The amount of memory allocated to Varnish affects its caching capacity. Adjust the -s malloc,256m parameter in the service file based on your server’s available memory and caching needs. For high-traffic sites, consider allocating 1GB or more:

ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,1024m

Thread Pools

For servers with multiple CPU cores, adjust the thread pool settings:

-p thread_pools=2 -p thread_pool_min=100 -p thread_pool_max=1000

These parameters set the number of thread pools and the minimum/maximum threads per pool, which can improve performance on multi-core systems.

Object Size Limits

By default, Varnish limits the size of objects it can cache. You can increase this limit for sites with large pages:

-p workspace_client=80k -p workspace_backend=80k

Remember to restart Varnish after making these changes:

sudo systemctl restart varnish

Troubleshooting Common Issues

When working with Varnish, you might encounter these common issues:

Port Conflicts

If Varnish fails to start with an error about binding to port 80, another service might be using that port. Use netstat to check:

sudo netstat -tulpn | grep :80

Stop any conflicting services or reconfigure them to use different ports.

Backend Connection Failures

If Varnish can’t connect to Apache, verify that Apache is running and listening on the correct port:

sudo systemctl status apache2
sudo netstat -tulpn | grep :8080

Also check the Varnish backend definition in default.vcl to ensure it matches Apache’s settings.

Cache Not Working

If content isn’t being cached as expected, check your VCL configuration for issues. You can use the varnishlog command to see detailed information about requests:

sudo varnishlog

Look for entries that might indicate why caching isn’t working as expected.

Error 54113

If you encounter Error 54113, it typically indicates a problem with the Varnish director configuration. Check your VCL for incorrect director definitions and ensure your backend servers are properly configured and responding.

Security Considerations

While implementing Varnish, consider these security best practices:

Secure the Admin Interface

The Varnish admin interface (on port 6082 by default) should not be exposed to the public internet. Restrict access to this port using firewall rules:

sudo ufw allow 80/tcp
sudo ufw deny 6082/tcp

Protect Sensitive Content

Ensure that sensitive content is not cached by Varnish. Add rules to your VCL to prevent caching of user-specific or confidential information:

sub vcl_recv {
    # Don't cache pages with authentication
    if (req.http.Authorization || req.http.Cookie ~ "session=") {
        return(pass);
    }
}

Use HTTPS with Varnish

For HTTPS configurations, consider using a termination proxy like Nginx in front of Varnish, or use Hitch for SSL termination.

Monitoring Varnish Performance

Effective monitoring helps you optimize Varnish performance over time:

Using varnishstat

The varnishstat command provides real-time statistics about Varnish operation:

varnishstat

Key metrics to monitor include:

  • Cache hit rate (MAIN.cache_hit and MAIN.cache_miss)
  • Backend connections and failures
  • Resource usage (memory, file descriptors)

Log Analysis

Varnish logs provide detailed information about requests and caching behavior:

sudo varnishlog

For a more focused view, you can filter logs by specific request parameters:

sudo varnishlog -q "ReqURL ~ '^/specific-page'"

Consider using log analysis tools like Varnish Agent or integrating with monitoring platforms like Prometheus and Grafana for comprehensive performance tracking.

Congratulations! You have successfully installed varnish. Thanks for using this tutorial for installing Varnish cache on Ubuntu 24.04 LTS system. For additional help or useful information, we recommend you check the Varnish website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button