Setup and install Varnish cache server on Ubuntu 24.04 in the cloud on Azure, AWS or Google GCP. Use the public image from any of the cloud marketplaces to quickly deploy Varnish cache. Varnish Cache is an open-source HTTP accelerator designed to enhance the speed and performance of web servers by caching static and dynamic content. It sits between clients and backend servers, caching frequently accessed data and delivering it to users with lightning speed.
Cloud Varnish Cache
Varnish Cache Azure
Deploy Varnish Cache on Ubuntu 24.04 in Azure
Varnish Cache AWS
Coming soon…
Varnish Cache GCP
Coming soon…
Getting Started with Varnish Cache
Once your Varnish cache server has been deployed, the following links explain how to connect to a Linux VM:
Once connected and logged in, the following section explains how to start using Varnish cache server.
Confirm Varnish Installation
To confirm that Varnish is installed and running correctly, you can check the service status:
sudo systemctl status varnish
You should see output showing that Varnish is active (running). You can also confirm the version:
varnishd -V
Default Varnish Configuration
Varnish’s default configuration file is located at /etc/varnish/default.vcl. This file defines how Varnish behaves and how it interacts with the backend server.
Open the Varnish configuration file:
sudo nano /etc/varnish/default.vcl
2. In this file, you will configure how Varnish interacts with your backend web server. For example, if your backend web server (Apache or Nginx) is running on port 8080, modify the backend configuration like this:
backend default: Defines where Varnish forwards requests. In this case, it’s 127.0.0.1 (localhost) on port 8080.
3. Save the file and exit by pressing CTRL+X, then Y, and Enter.
Update Varnish Listening Port (Optional)
By default, Varnish listens on port 6081 (HTTP). If you want to replace your web server and have Varnish listen on port 80 (the standard HTTP port), you can modify the systemd configuration.
Edit the Varnish service configuration file:
sudo nano /lib/systemd/system/varnish.service
2. Find the line that starts with ExecStart and change the port from 6081 to 80 (or another port if needed):
ExecStart=/usr/sbin/varnishd -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -s malloc,256m
-a :80: Tells Varnish to listen on port 80.
-s malloc,256m: Defines the amount of memory Varnish will use for caching (256MB in this example).
3. Save and close the file, then reload the systemd configuration:
sudo systemctl daemon-reload
4. Restart Varnish to apply the changes:
sudo systemctl restart varnish
Configure Your Web Server
Make sure your backend web server (Apache, Nginx, etc.) is configured to listen on a port that Varnish will forward traffic to (like port 8080). Here’s how you can modify Nginx or Apache to listen on port 8080:
Now that Varnish is configured, you can test it by visiting your server’s IP or domain name in a web browser. Varnish will cache the responses from the backend web server.
Access your website using the server’s IP or domain name:
http://your-server-ip-or-domain
Varnish should now be handling requests and caching content.
Check Varnish Statistics: You can monitor Varnish’s performance and cache usage by running:
varnishstat
This command provides real-time statistics about Varnish, including hit rates, cache usage, and more.
Purging the Vanish Cache
If you need to purge specific cached content from Varnish, you can configure a purge rule in the default.vcl file.
Open the default.vcl file:
sudo nano /etc/varnish/default.vcl
2. Add a rule to allow purging:
acl purge {
"localhost";
"192.168.0.0"/24; # Allow your local network to purge
}
sub vcl_recv {
if (req.method == "PURGE") {
if (!client.ip ~ purge) {
return(synth(403, "Not allowed."));
}
return (purge);
}
}
This allows purging from the localhost or any IP specified in the acl section.
3. Save the file and restart Varnish:
sudo systemctl restart varnish
4. You can now purge specific cached pages by sending a PURGE request. For example, to purge the home page:
curl -X PURGE http://your-server-ip/
Logs and Debugging
To monitor Varnish’s logs, you can use the varnishlog command, which provides detailed logs about each request:
varnishlog
This will display all HTTP requests handled by Varnish, making it easier to debug issues or analyze traffic.
For a more compact summary of requests and their cache status, use varnishncsa:
varnishncsa
This will provide access logs in a format similar to Apache’s combined log format.
Tuning Vanish Cache Size
By default, Varnish allocates 256MB for caching content. You can increase or decrease this depending on your system’s available memory.
Edit the Varnish service file to adjust the cache size:
sudo nano /lib/systemd/system/varnish.service
2. Modify the memory allocation in the ExecStart line. For example, to allocate 1GB:
ExecStart=/usr/sbin/varnishd -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -s malloc,1g
3. Save the file, reload systemd, and restart Varnish:
By default, Varnish Cache uses the following ports:
1. Port 6081 (HTTP)
Purpose: This is the default port where Varnish listens for incoming HTTP requests.
Usage: Varnish acts as a reverse proxy on this port, receiving HTTP requests from clients and forwarding them to the backend web server.
2. Port 6082 (Admin/Management Port)
Purpose: This port is used for the Varnish administration interface (varnishadm), which allows you to manage Varnish, clear caches, reload configurations, and more.
Usage: Access to this port is typically restricted to localhost by default for security reasons.
Custom Ports:
Varnish ports can be changed depending on your requirements. For instance, you might want Varnish to listen on port 80(HTTP) or port 443(HTTPS) if you’re using it to serve traffic directly without needing another reverse proxy in front of it (although Varnish doesn’t handle SSL termination directly).
The links below explain how to modify / create firewall rules depending on which cloud platform you are using.
Disclaimer: Varnish® is a registered trademark of Varnish Software ABC and is licensed under 2-clause BSD License. The license comes with a “no warranty” clause, meaning the software is provided “as-is” without any guarantees or liability for issues that may arise.
Cloud Solution Architect. Helping customers transform their business to the cloud. 20 years experience working in complex infrastructure environments and a Microsoft Certified Solutions Expert on everything Cloud.
00votes
Article Rating
Subscribe
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.