How to Speed Up Apache with Varnish Cache on CentOS 7

Varnish Cache (commonly known as Varnish), is an open-source, popular reverse-proxy HTTP accelerator intended for speeding up web servers. It is engineered for excessively utilized API endpoints and also for dynamic sites that serve massive-content and experience high-traffic.

It basically helps to scale down CPU load; supports load balancing on web servers and enables a web browser to quickly load sites as a result of storing the cache in RAM. A number of big companies use it including Facebook, Twitter, and Wikipedia just to mention but a few.

Requirements

  1. A CentOS 7 with Apache installed
  2. A CentOS 7 with a static IP address

In this article, I will explain how to install and use Varnish Cache 6.5 as a front-end to an Apache web server in CentOS 7 (also works on RHEL 7).

Step 1: Install Apache Web Server on CentOS 7

1. First install Apache HTTP server from the default CentOS software repositories using the YUM package manager as follows.

# yum install httpd
Install Apache on CentOS 7
Install Apache on CentOS 7

2. Once Apache installed, start it for the time being and enable it to start automatically at system boot.

# systemctl start httpd
# systemctl enable httpd
# systemctl status httpd
Start and Enable Apache
Start and Enable Apache

3. Next update system firewall rules to permit inbound packets on port 80 using the commands below.

# firewall-cmd --zone=public --permanent --add-service=http
# firewall-cmd --reload
Open Apache Port on Firewall
Open Apache Port on Firewall

Step 2: Install Varnish Cache on CentOS 7

4. Now there are pre-compiled RPM packages for the latest version of Varnish Cache 6 (i.e 6.5 at the time of writing), therefore you need to add the official Varnish Cache repository.

Before that, you need to enable the EPEL repository to install several dependency packages as shown.

# yum install -y epel-release

5. Next, install pygpgme, a package for handling GPG signatures and yum-utils, a collection of useful utilities that extend yum’s native features in various ways.

# yum install pygpgme yum-utils

6. Now create a file named /etc/yum.repos.d/varnishcache_varnish65.repo that contains the repository configuration below.

# vi /etc/yum.repos.d/varnishcache_varnish65.repo

Important: Make sure to replace el and 7 in the config below with your Linux distribution and version:

[varnishcache_varnish65]
name=varnishcache_varnish65
baseurl=https://packagecloud.io/varnishcache/varnish65/el/7/$basearch
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/varnishcache/varnish65/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

[varnishcache_varnish65-source]
name=varnishcache_varnish65-source
baseurl=https://packagecloud.io/varnishcache/varnish65/el/7/SRPMS
repo_gpgcheck=1
gpgcheck=0
enabled=1
gpgkey=https://packagecloud.io/varnishcache/varnish65/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
metadata_expire=300

7. Now run the command below to update your local yum cache and install the varnish cache package (do not forget to accept the GPG key by typing y or yes while installing the package):

# yum -q makecache -y --disablerepo='*' --enablerepo='varnishcache_varnish65'
# yum install varnish 
Install Varnish Cache in CentOS 7
Install Varnish Cache in CentOS 7

8. After installing Varnish Cache, the main executable will be installed as /usr/sbin/varnishd and varnish configuration files are located in /etc/varnish/:

  • /etc/varnish/default.vcl – this is the main varnish configuration file, it is written using vanish configuration language (VCL).

9. Now start the varnish service, enable it to automatically start during system boot, and verify its status to ensure that it is up and running as follows.

# systemctl start varnish
# systemctl enable varnish
# systemctl status varnish
Start Varnish Cache
Start Varnish Cache

10. You can confirm that the Varnish installation was successful by seeing the location of the Varnish executable and version installed on your system.

$ which varnishd
$ varnishd -V
Sample Output
varnishd (varnish-6.5.1 revision 1dae23376bb5ea7a6b8e9e4b9ed95cdc9469fb64)
Copyright (c) 2006 Verdens Gang AS
Copyright (c) 2006-2020 Varnish Software

Step 3: Configure Apache to Work With Varnish Cache

11. Now configure Apache to work in conjunction with Varnish Cache. By default Apache listens on port 80, you need to change the default HTTPD port to 8080 – this will ensure that HTTPD runs behind Varnish caching.

You can use the sed command to change port 80 to 8080 as shown.

# sed -i "s/Listen 80/Listen 8080/" /etc/httpd/conf/httpd.conf

Note: Also, you need to change the port on your virtual host configuration for each website that you want to serve via Varnish. Here is the configuration for our test site (/etc/httpd/conf.d/tecmint.lan.conf).

<VirtualHost *:8080>
    DocumentRoot "/var/www/html/tecmint.lan/"
    ServerName www.tecmint.lan
    # Other directives here
</VirtualHost>

12. Next, open the varnish systemd configuration file and find the parameter ExecStart which specifies the port Varnish listens on, and change its value from 6081 to 80 as shown in the screenshot.

# systemctl edit --full  varnish

The configuration should look like this when finished.

ExecStart=/usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m
Change Varnish Cache Port
Change Varnish Cache Port

13. Next, set up Apache as a backend server for Varnish proxy, in the /etc/varnish/default.vcl configuration file.

# vi /etc/varnish/default.vcl 

Find the backend section, and define the host IP and port. Below is the default backend configuration, set this to point to your actual content server.

backend default {
    .host = "127.0.0.1";
    .port = "8080";
}

If your backend server is running on a different server with address 10.42.1.10, then the host parameter should point to this IP address.

backend server1 {
    .host = "10.42.1.10";
    .port = "8080";
}

14. After performing all the necessary configurations, restart HTTPD and Varnish cache to effect the above changes.

# systemctl daemon-reload
# systemctl restart httpd
# systemctl restart varnish

Step 4: Test Varnish Cache on Apache

15. Lastly, test, if Varnish is enabled and working with the HTTPD service using the cURL command below, which can be used to view the HTTP header.

# curl -I http://localhost
Sample Output
HTTP/1.1 200 OK
Date: Wed, 06 Jan 2021 08:36:07 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Thu, 16 Oct 2014 13:20:58 GMT
ETag: "1321-5058a1e728280"
Accept-Ranges: bytes
Content-Length: 4897
Content-Type: text/html; charset=UTF-8
X-Varnish: 131085
Age: 0
Via: 1.1 varnish (Varnish/6.5)
Connection: keep-alive

For more information, check out Varnish Cache Github Repository: https://github.com/varnishcache/varnish-cache

In this tutorial, we explained how to setup Varnish Cache 6.5 proxy for Apache HTTP server on CentOS 7. In case you have any queries or additional ideas to share, use the feedback form below to write back to us.

Aaron Kili
Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

5 thoughts on “How to Speed Up Apache with Varnish Cache on CentOS 7”

    • @Webtipster

      Removing packages installed from source is a big challenge, you have to possibly remove all the individual files installed. However, the good new is that we have an updated version of this article that we will publish soon , where installation is done using the package manager. It uses the new Varnish repository and you can easily remove it in case you do not want it any more.

      Reply

Got something to say? Join the discussion.

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.