Varnish is an open source reverse HTTP proxy, an HTTP accelerator, and a useful tool for speeding up an Apache server. Varnish is also known as front-end web caching software that you put in front of an Apache web server to speed it up.

Varnish can increase the performance of your website and prevent the Apache server from overloading in case of high server traffic.

Varnish Features

  • Reduces CPU load on the Apache web server.
  • Web browser will load your website faster since the cache is stored in RAM.
  • Supports load balancing.

In this article I will explain how to install and use Varnish as a front-end to an Apache web server.

Requirements

  • A server running CentOS 7 with Apache installed
  • A static IP address for your server

Step 1 – Install and configure Apache on CentOS 7

We will install Apache/httpd web server from the CentOS 7 repository, and then configure the server that will be running on port 8080.

Install Apache/httpd using the yum command below.

yum -y install httpd

After the installation is complete, start the httpd service and enable it to run at system boot using the commands below.

systemctl start httpd
systemctl enable httpd

So the httpd service is now running. Check it using netstat or curl command as shown below.

netstat -plntu
curl -I localhost

Install and test apache http server

So with this, the Apache/httpd web server has been installed.

Step 2 – Configure Apache on port 8080

In this step, we will configure the Apache/httpd web server to run on port 8080. For this purpose, we must first edit the configuration file ‘httpd.conf’.

Go to the Apache configuration directory and edit httpd.conf file.

cd /etc/httpd/
vim conf/httpd.conf

Change the default port 80 to 8080 on the ‘Listen’ line.

Listen 8080

Save and exit.

Now test the configuration and make sure there is no error. Then restart the apache/httpd service.

apachectl configtest
systemctl restart httpd

Configure apache

Now check again using netstat, and make sure the web server is running on port 8080.

netstat -plntu

Test apache

Step 3 – Install Varnish on CentOS 7

In this step, we will install Varnish high-performance HTTP accelerator. It’s available on the EPEL (Extra Packages for Enterprise Linux) repository, so we need to install the repo before installing Varnish.

Install EPEL repository using the following command.

yum -y install epel-release

Now install Varnish from the EPEL repository using yum command below.

yum -y install varnish

After the installation is complete, start Varnish and add it to launch at system boot using the systemctl commands below.

systemctl start varnish
systemctl enable varnish

By default, Varnish will use port 6081 and 6082. Check it using the netstat command below.

netstat -plntu

And make sure we get the default Varnish port as below.

Install and check Varnish

Step 4 – Configure Varnish as a reverse proxy for Apache

So Varnish is installed, and now we will configure it as a reverse proxy for the Apache web server. Varnish will run on HTTP port 80 by default.

Go to the Varnish configuration directory and edit the default configuration in ‘default.vcl’.

cd /etc/varnish
vim default.vcl

Define the default backend section. We are using Apache web server running on port 8080, so the configuration as below.

backend default {
     .host = "127.0.0.1";
     .port = "8080";
 }

Save and exit.

Configure Varnish

Next, configure Varnish to run with HTTP port 80. Edit the ‘varnish.params’ file present in the Varnish configuration directory.

vim varnish.params

In this file, change the value of the ‘VARNISH_LISTEN_PORT’ line to HTTP port 80.

VARNISH_LISTEN_PORT=80

Save and exit.

Now restart Varnish and check stats using the netstat command.

systemctl restart varnish
netstat -plntu

Make sure you have the result similar to the one shown below.

Check Varnish

Varnish HTTP Accelerator has been installed, and it now acts as a reverse proxy for Apache web server.

Step 5 – Configure Firewalld

In this step, we will install Firewalld and open new HTTP and HTTPS ports.

Install Firewalld using the following yum command.

yum -y install firewalld

Now start the service and enable it to run automatically at system boot.

systemctl start firewalld
systemctl enable firewalld

Next, open new port for HTTP and HTTPS requests using the firewalld-cmd command, as shown below.

firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent

Reload the firewall configuration.

That’s it. The Firewalld configuration has been completed.

Configure Firewalld

Step 6 – Testing

To test Varnish, first execute the following curl command.

curl -I hakase-labs.co

And in output, make sure you get an HTTP header similar to the one shown in the following screenshot.

Test Varnish

Next, test Varnish from the browser. For this, open your web browser and type the server URL or address.

https://wisdomeweb.com/

 

Note: If you get ‘403’ Forbidden, you need to create an ‘index.html’ file on the ‘/var/www/html’ directory.

cd /var/www/html/
echo '<h1><center> Varnish- Apache - hakase-labs</center></h1>' > index.html

Moving on, test the varnish log using the command below.

varnishncsa

And you will get the access log for varnish.

Varnish access log

That’s it. Varnish HTTP accelerator has been installed, and it’s now running as a reverse proxy for the Apache web server.