Personal tools
You are here: Home Web Reverse Proxy And Cache Installing Varnish Web cache on a CentOS 5 VM
 

Installing Varnish Web cache on a CentOS 5 VM

Howto install and configure Varnish v1.1.2

May 2010: Varnish v2.0.6 is part of EPEL (Original article is from March 2008)

 

Varnish is not part of the CentOS distribution, EPEL, ATRpms, etc. Binary x86_64 RHEL5 RPM's are on the sourceforge site. Download the two binary RPM's and install them. As per the FAQ, varnish requires a complier to compile the configuration.

Installation

In theory we could download the binary RPM's and use yum to install them [4]; however the sourceforge binary RPM's aren't signed (and/or I haven't installed the GPG key), so just manually install the prerequisite packages, and then use rpm to install the two varnish rpms.
# yum install logrotate libgomp gcc cpp binutils kernel-headers glibc-headers glibc-devel
# rpm -Uvh varnish-1.1.2-5el5.x86_64.rpm varnish-libs-1.1.2-5el5.x86_64.rpm

 Configuration

Configuration of the varnish daemon is straight forward. I cut the sample /etc/sysconfig/varnish file down [1] to a basic configuration. I changed the cache to listen only on the loopback interface, as it should only be accessed via the local NGINX proxy.

Creating a 'vcl' file is unconstrained, and would (IMHO) require a large time investment. Varnish comes with an example[2] for Zope/Plone (/usr/share/doc/varnish-1.1.2/examples/zope-plone.vcl).  I also found this example [3], which adds a couple for directives to the 'vcl_recv' section - I used this as with casual inspection it seemed reasonable. Copy this sample to '/etc/varnish/default.vcl'. Change the address at the top of the file to the Zope listener (which is zope-internal.lucidsolutions.co.nz [192.168.0.65], port 8080).

Run

Enable and start the services

# for A in varnish varnishlog ; do chkconfig $A on ; service $A start ; done

Links

 

Configuration

Appendices


[1] /etc/sysconfig/varnish
# Configuration file for varnish
#
# /etc/init.d/varnish expects the variable $DAEMON_OPTS to be set from this
# shell script fragment.
#

# Maximum number of open files (for ulimit -n)
NFILES=131072

# Listen on port 6081, administration on localhost:6082, and forward to
# one content server selected by the vcl file, based on the request.  Use a
# fixed-size cache file.
#
DAEMON_OPTS="-a localhost:6081 \
             -T localhost:6082 \
             -f /etc/varnish/default.vcl \
             -u varnish -g varnish \
             -s file,/var/lib/varnish/varnish_storage.bin,1G"

[2] /usr/share/doc/varnish-1.1.2/examples/zope-plone.vcl (with trailing default.vcl commented out section removed)  Note: the 192.0.2.0 network should be removed from the 'acl purge' section.
#
# This is a basic VCL configuration file for varnish.  See the vcl(7)
# man page for details on VCL syntax and semantics.
#
# $Id: default.vcl 1424 2007-05-15 19:38:56Z des $
#

# Default backend definition.  Set this to point to your content
# server.

backend default {
        set backend.host = "127.0.0.1";
        set backend.port = "9673";
}

acl purge {
        "localhost";
        "192.0.2.0"/24;
}

sub vcl_recv {
        if (req.request != "GET" && req.request != "HEAD") {
                # PURGE request if zope asks nicely
                if (req.request == "PURGE") {
                        if (!client.ip ~ purge) {
                                error 405 "Not allowed.";
                        }
                        lookup;
                }
                pipe;
        }
        if (req.http.Expect) {
                pipe;
        }
        if (req.http.Authenticate || req.http.Authorization) {
                pass;
        }
        # We only care about the "__ac.*" cookies, used for authentication
        if (req.http.Cookie && req.http.Cookie ~ "__ac(|_(name|password|persistent))=") {
                pass;
        }
        lookup;
}

# Do the PURGE thing
sub vcl_hit {
        if (req.request == "PURGE") {
                set obj.ttl = 0s;
                error 200 "Purged";
        }
}
sub vcl_miss {
        if (req.request == "PURGE") {
                error 404 "Not in cache";
        }
}

# Enforce a minimum TTL, since we PURGE changed objects actively from Zope.
sub vcl_fetch {
        if (obj.ttl < 3600s) {
                set obj.ttl = 3600s;
        }
}
[3] /etc/varnish/default.vcl
# This is a basic vcl.conf file for varnish.
# Modifying this file should be where you store your modifications to
# varnish. Settnigs here will override defaults.

backend default {
        # Your Zope / Plone instance.
        set backend.host = "192.168.0.65";
        set backend.port = "8080";
}

acl purge {
                "localhost";
}

sub vcl_recv {
        if (req.request != "GET" && req.request != "HEAD") {
                # PURGE request if zope asks nicely
                if (req.request == "PURGE") {
                        if (!client.ip ~ purge) {
                              error 405 "Not allowed.";
                }
                lookup;
                }
                pipe;
        }

        if (req.http.Expect) {
                pipe;
        }

        if (req.http.Authenticate || req.http.Authorization) {
                pass;
        }

        # We only care about the "__ac.*" cookies, used for authentication
        if (req.http.Cookie && req.http.Cookie ~ "__ac(|_(name|password|persistent))=") {
                pass;
        }

        # File type that we will always cache
        if (req.request == "GET" && req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|\
                     svg|swf|ico|css|js|vsd|doc|ppt|pps|xls|pdf|mp3|mp4|m4a|ogg|mov|avi|wmv|sxw|zip|\
                     gz|bz2|tgz|tar|rar|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw|dmg|torrent|\
                     deb|msi|iso|rpm)$") {
            lookup;
        }

        if (req.request == "POST") {
                pipe;
        }

        # force lookup even when cookies are present
        if (req.request == "GET" && req.http.cookie) {
                lookup;
        }
        lookup;
}

sub vcl_fetch {
        # force minimum ttl of 300 seconds
        if (obj.ttl < 300s) {
                set obj.ttl = 300s;
        }
}

# Do the PURGE thing
sub vcl_hit {
        if (req.request == "PURGE") {
                set obj.ttl = 0s;
                error 200 "Purged";
        }
}

sub vcl_miss {
        if (req.request == "PURGE") {
                error 404 "Not in cache";
        }
}
[4] Varnish install (Note: This output doesn't show the unsigned RPM failure, as noted above) 
Dependencies Resolved

=============================================================================
 Package                 
Arch       Version          Repository        
Size
=============================================================================
Installing:
 varnish                 x86_64     1.1.2-5el5       varnish-1.1.2-5el5.x86_64.rpm  315 k
 varnish-libs            x86_64     1.1.2-5el5       varnish-libs-1.1.2-5el5.x86_64.rpm  115 k
Installing for dependencies:
 binutils                x86_64     2.17.50.0.6-5.el5  base              2.9 M
 cpp                     x86_64     4.1.2-14.el5     base              2.9 M
 gcc                     x86_64     4.1.2-14.el5     base              5.3 M
 glibc-devel             x86_64     2.5-18.el5_1.1   updates           2.4 M
 glibc-headers           x86_64     2.5-18.el5_1.1   updates           598 k
 kernel-headers          x86_64     2.6.18-53.1.13.el5  updates           820 k
 libgomp                 x86_64     4.1.2-14.el5     base               76 k
 logrotate               x86_64     3.7.4-8          updates            39 k

Transaction Summary
=============================================================================
Install     
10 Package(s)
Update       0 Package(s)
Remove       0 Package(s)

Total download size: 15 M
Is this ok [y/N]: y
Downloading Packages:
Related content
Document Actions