Varnish HTTP Cache is a dedicated opensource application for caching HTTP requests made by the client to the server.
\nIt can be located as main-in-the-middle as a reverse proxy (which it is), doing load balancing, and taking some of the load from the webserver for the static content (JavaScripts, images, etc.)<\/p>\n
A common use of this tool is to regionalize (in another country of continent, for example) part of the web-content (static\/immutable files). Improving the overall user experience.<\/p>\n
Another scenario is when a local server is placed in a company’s branch (or a big client’s office) to reduce the data traffic over the internet (excellent for metered or slow connections).<\/p>\n
INITIAL SETUP<\/strong><\/p>\n IF:<\/strong> Ubuntu 20.04 LTS<\/p>\n OR IF:<\/strong> Ubuntu 22.04 LTS<\/p>\n INSTALLING VARNISH<\/strong><\/p>\n Configuring the service:<\/p>\n Note:<\/strong> here is where you can adjust the port Varnish is listening on and the amount of memory you want to allocate to the cache (e.g. 256m<\/strong> or maybe 2g<\/strong>). Highly recommended to set a limit because the default is unlimited.<\/p>\n Configuring the Varnish Configuration Language (VCL):<\/p>\n OR (for multiple bakcends)<\/p>\n Firing it up:<\/p>\n TESTING<\/strong><\/p>\n Monitor the traffic between the Varnish and the web server in one terminal:<\/p>\n On another terminal, make multiple HTTP requests to Varnish and confirm if it is going to the web server every time or not.<\/p>\n Also, print the headers for additional information:<\/p>\n BONUS<\/strong><\/p>\n On the default VCL configuration file ( Serving multiple sites with\u00a0 Virtual Hosts:<\/p>\n OR<\/p>\n Than create the respective files ( To cache everything:<\/p>\n To cache based on URL:<\/p>\n WATCH STATISTICS OF FORWARDED AND CACHED REQUESTS<\/strong><\/p>\n Varnish HTTP Cache is a dedicated opensource application for caching HTTP requests made by the […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,6,7],"tags":[],"class_list":["post-2961","post","type-post","status-publish","format-standard","hentry","category-linux","category-raspberry-pi","category-web"],"_links":{"self":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/2961","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2961"}],"version-history":[{"count":14,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/2961\/revisions"}],"predecessor-version":[{"id":3425,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/2961\/revisions\/3425"}],"wp:attachment":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2961"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2961"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2961"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}sudo apt update && sudo apt upgrade -y\r\nsudo apt install debian-archive-keyring curl gnupg apt-transport-https -y\r\ncurl -fsSL https:\/\/packagecloud.io\/varnishcache\/varnish70\/gpgkey|sudo gpg --dearmor -o \/etc\/apt\/trusted.gpg.d\/varnish.gpg<\/pre>\n
sudo tee \/etc\/apt\/sources.list.d\/varnishcache_varnish70.list > \/dev\/null <<-EOF\r\ndeb https:\/\/packagecloud.io\/varnishcache\/varnish70\/$ID\/ $VERSION_CODENAME main\r\ndeb-src https:\/\/packagecloud.io\/varnishcache\/varnish70\/$ID\/ $VERSION_CODENAME main\r\nEOF<\/pre>\n
sudo tee \/etc\/apt\/sources.list.d\/varnishcache_varnish70.list > \/dev\/null <<-EOF\r\ndeb https:\/\/packagecloud.io\/varnishcache\/varnish70\/ubuntu\/ focal main\r\ndeb-src https:\/\/packagecloud.io\/varnishcache\/varnish70\/ubuntu\/ focal main\r\nEOF<\/pre>\n
sudo apt update && sudo apt install varnish -y<\/pre>\n
sudo cp \/lib\/systemd\/system\/varnish.service \/etc\/systemd\/system\/\r\nsudo nano \/etc\/systemd\/system\/varnish.service<\/pre>\n
ExecStart=\/usr\/sbin\/varnishd \\\r\n\t -a :6081<\/strong> \\\r\n\t -a localhost:8443,PROXY \\\r\n\t -p feature=+http2 \\\r\n\t -f \/etc\/varnish\/default.vcl \\\r\n\t -s malloc,1g<\/strong><\/pre>\n
sudo nano \/etc\/varnish\/default.vcl<\/pre>\n
backend default {\r\n .host = \"127.0.0.1<\/strong>\";\r\n .port = \"8000<\/strong>\";\r\n}<\/pre>\nimport directors;\r\n\r\nbackend backend1 {\r\n .host = \"srv1.example.com\";\r\n .port = \"80\";\r\n}\r\n\r\nbackend backend2 {\r\n .host = \"srv2.example.com\";\r\n .port = \"80\";\r\n}\r\n\r\nsub vcl_init {\r\n new vdir = directors.round_robin();\r\n vdir.add_backend(backend1);\r\n vdir.add_backend(backend2);\r\n}\r\n\r\nsub vcl_recv {\r\n set req.backend_hint = vdir.backend();\r\n}\r\n<\/pre>\nsudo systemctl daemon-reload\r\nsudo systemctl start varnish\r\nsudo systemctl enable varnish<\/pre>\n
tcpdump -i lo<\/strong> dst host 127.0.0.1<\/strong> and port 8000<\/strong><\/pre>\n
curl \"http:\/\/localhost:6081\/\"\r\ncurl \"http:\/\/localhost:6081\/\"\r\ncurl \"http:\/\/localhost:6081\/\"\r\ncurl \"http:\/\/localhost:6081\/\"\r\ncurl \"http:\/\/localhost:6081\/\"\r\ncurl \"http:\/\/localhost:6081\/\"<\/pre>\n
curl -I \"http:\/\/localhost:6081\/\"<\/pre>\n
\/etc\/varnish\/default.vcl<\/code>) customize the internal request overwrite headers or define how long Varnish should cache the content:<\/p>\n# Changes will be applied to the internal request (between Varnish and the web server).\r\nsub vcl_backend_response {\r\n # Change Header\r\n unset beresp.http.Cache-Control;\r\n set beresp.http.Cache-Control = \"max-age=1209600\";\r\n\r\n # Define Varnish Retention\r\n set beresp.ttl = 2w;\r\n\r\n # Defining Conditional Retention\r\n If (bereq.url == \"\/VoD\") {\r\n beresp.ttl = 2d;\r\n }\r\n}<\/pre>\nsub vcl_recv {\r\n if (server.ip == \"10.10.10.10<\/strong>\")\r\n {\r\n include \"\/etc\/varnish\/site-one<\/strong>.vcl\";\r\n }\r\n elsif (server.ip == \"10.20.30.40<\/strong>\")\r\n {\r\n include \"\/etc\/varnish\/site-two<\/strong>.vcl\";\r\n }\r\n}<\/pre>\nsub vcl_recv {\r\n if (! req.http.Host)\r\n {\r\n error 404 \"Need a host header\";\r\n }\r\n set req.http.Host = regsub(req.http.Host, \"^www\\.\", \"\");\r\n set req.http.Host = regsub(req.http.Host, \":80$\", \"\");\r\n\r\n if (req.http.Host == \"site-one.com<\/strong>\")\r\n {\r\n include \"\/etc\/varnish\/site-one<\/strong>.vcl\";\r\n }\r\n elsif (req.http.Host == \"site-two<\/strong>.com\")\r\n {\r\n include \"\/etc\/varnish\/site-two<\/strong>.vcl\";\r\n }\r\n}<\/pre>\n\/etc\/varnish\/site-one<\/strong>.vcl<\/code> and \/etc\/varnish\/site-two<\/strong>.vcl<\/code>) to specify individual configuration per IP\/domain.<\/p>\nsub vcl_recv {\r\n unset req.http.Cookie;\r\n}\r\n\r\nsub vcl_backend_response {\r\n # Force caching of all objects for 6 hours\r\n set beresp.ttl = 6h;\r\n set beresp.http.Cache-Control = \"max-age=21600\";\r\n}\r\n\r\nsub vcl_deliver {\r\n unset resp.http.Cache-Control;\r\n}<\/pre>\nsub vcl_recv {\r\n if (req.url ~ \"^\/path\/(A|B|C)$\") {\r\n unset req.http.Cookie;\r\n return (hash);\r\n }\r\n}\r\nsub vcl_backend_response {\r\n # Only set TTL and cache headers for specific URLs\r\n if (bereq.url ~ \"^\/path\/(A|B|C)$\") {\r\n set beresp.ttl = 6h;\r\n set beresp.http.Cache-Control = \"max-age=21600\";\r\n }\r\n}\r\nsub vcl_deliver {\r\n if (req.url ~ \"^\/path\/(A|B|C)$\") {\r\n unset resp.http.Cache-Control;\r\n }\r\n}<\/pre>\n
\nsudo watch -n 1 'varnishstat -1 | grep -E \"client_req|cache_hit\"'<\/pre>\n","protected":false},"excerpt":{"rendered":"