How to speed up Apache with Varnish HTTP cache on Ubuntu 16.04 LTS
This tutorial exists for these OS versions
- Ubuntu 22.04 (Jammy Jellyfish)
- Ubuntu 18.04 (Bionic Beaver)
- Ubuntu 16.04 (Xenial Xerus)
On this page
Varnish is a proxy server focused on HTTP caching. It's designed as an HTTP accelerator, and can act as a reverse proxy for your web server (Apache or Nginx). Varnish has been used for high-profile and high-traffic websites, including Wikipedia, The Guardian, and The New York Times.
In this tutorial, we will show you how to install and configure the Varnish HTTP accelerator as a reverse proxy for the Apache web server. The real web server Apache will run under non-standard HTTP port (running on port 8080). And Varnish will be running as the reverse proxy on HTTP port 80. For this guide, we will be using the Ubuntu 16.04 server.
What we will do
- Install Apache Web server
- Change Apache Default Port
- Install Varnish
- Configure Varnish
- Test the setup
Prerequisites
- Ubuntu 16.04
- Root privileges
Step 1 - Install Apache Web server
To start off, install the Apache web server. By default, it's available in the Ubuntu repository.
Update the Ubuntu repository and then install Apache using the apt command.
sudo apt update
sudo apt install -y apache2
After the installation is complete, start the Apache service and enable it to run automatically at system boot time using the following systemctl commands.
systemctl start apache2
systemctl enable apache2
The Apache web server has been installed.
Next, in order to allow everyone access to the web server, we must allow HTTP and HTTPS on our firewall rule. By default, Ubuntu comes with a firewall package named UFW.
Open new SSH, HTTP and HTTPS ports using the following ufw commands.
ufw allow ssh
ufw allow http
ufw allow https
Now start the firewall service and enable it to launch automatically at system boot.
ufw enable
Type 'y' and press Enter to confirm.
New ports for http, https, and ssh have been opened, and are accessible from outside of the network.
If you want to test the Apache web server, you can use the netstat command and make sure apache is running under port 80.
netstat -plntu
Or you can use the following curl command.
curl -I hakase-labs.co
You should get the result as shown below.
Step 2 - Change Apache Default Port
In this tutorial, we will be using Apache as the backend server, and it will not run under the standard http port 80. The Apache web server will be running on port 8080 as backend, and the standard http port 80 will be used by 'Varnish'.
To change the default apache port, we need to edit the apache configuration 'ports.conf' and all of the virtual host configuration under the 'sites-available' directory.
Go to the Apache configuration directory.
cd /etc/apache2
Replace port '80' with '8080' in the Apache configuration 'ports.conf' and all virtual host files under the 'sites-available' directory. We can do that by running the following sed commands.
sed -i -e 's/80/8080/g' ports.conf
sed -i -e 's/80/8080/g' sites-available/*
Next, test the Apache configuration and make sure there is no error, then restart the Apache service.
apachectl configtest
systemctl restart apache2
Now Apache is running under http port '8080', check it using the netstat command as shown below.
netstat -plntu
Make sure you have the result as below.
So you can see the Apache web server is running on port '8080'.
Step 3 - Install Varnish HTTP Accelerator
In this step, we will be installing Varnish from the Ubuntu repository. And for this guide, we will be using varnish 4.
Install varnish using the following apt command.
sudo apt install -y varnish
After the installation is complete, start Varnish and enable it to launch automatically at system boot.
systemctl start varnish
systemctl enable varnish
Varnish has been installed on the Ubuntu 16.04 system.
By default, it's running under ports '6081' for public address and '6082' for localhost address. Check it using netstat command below.
netstat -plntu
And you will get the default varnish port.
Step 4 - Configure Varnish as a Reverse Proxy for Apache
In this step, we will configure varnish on the front of the Apache web server. Varnish will be running under http port 80, and every request from clients will be handled by it, before being sent to the Apache web server running on port 8080.
- Backend Configuration
Go to the 'varnish' configuration directory and backup the default file 'default.vcl'.
cd /etc/varnish/
cp default.vcl default.vcl.aseli
Edit the varnish configuration 'default.vcl' using the vim editor.
vim default.vcl
Define the 'backend' configuration on line 16. The backend for our setup is Apache, and it's' running on port 8080. So the varnish configuration for our apache setup should be the following:
backend default {
.host = "127.0.0.1";
.port = "8080";
}
Save and exit.
- Running Varnish on Port 80
Next, we need to change the default varnish ports. The default ports for varnish is '6081' and '6082', and we need to change the port to the http port 80 (only for public address).
Edit the varnish parameter configuration in '/etc/default' directory.
cd /etc/default/
vim varnish
Edit the 'DAEMON_OPTS' line, change the default port '6081' for public address with standard http port '80' as shown below.
DAEMON_OPTS="-a :80 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-s malloc,256m"
Save and exit.
Next, we need to edit the varnish service file 'varnish.service'. Go to the '/lib/systemd/system' directory and edit the service file using vim.
cd /lib/systemd/system/
vim varnish.service
On the 'ExecStart' line, change the varnish start command as below.
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
Save and exit.
Reload the systemd service configuration and then restart varnish.
systemctl daemon-reload
systemctl restart varnish
Now check varnish and make sure it's running on the http port 80.
netstat -plntu
So Varnish is now running under http port 80 as front-end for Apache web server, which is on port 8080.
Step 5 - Testing
Test using the curl command.
curl -I hakase-labs.co
Make sure you get the http header as shown below.
Checking from web browser, the URL of my test server is: http://hakase-labs.co/. Choose your server URL here.
And we still get Apache contents.
Check the varnish log using the 'varnishncsa' command.
varnishncsa
And we get log just from the Apache access log.
Varnish installation and configuration for the Apache web server has been completed.
Reference