How to Install Varnish Reverse Proxy with Nginx on Ubuntu 16.04 LTS
Varnish is a proxy server focused on HTTP caching. It’s designed as HTTP accelerator and can act as reverse proxy for your web server Apache or Nginx. Varnish has been used for high-profile and high-traffic websites, including Wikipedia, The Guardian, and the New York Times.
In this tutorial, I will show you how to install and configure varnish HTTP accelerator as a reverse proxy for Nginx web server. The real web server Nginx will run under non-standard HTTP port 8080. And Varnish will be running as the reverse proxy on HTTP port 80. For this guide, we will be using Ubuntu 16.04 server.
What we will do
- Install Nginx on Ubuntu 16.04
- Configure Nginx on Port 8080
- Install Varnish on Ubuntu 16.04
- Configure Varnish as a Reverse Proxy for Nginx
- Configure UFW Firewall
- Testing
Prerequisites
- Ubuntu 16.04
- Root Privileges
Step 1 – Install Nginx on Ubuntu 16.04
The first step we must do for this tutorial is to install Nginx to the system Ubuntu 16.04. In this step, we will install Nginx (it’s available in the official Ubuntu repository), then start the service, and then enable it to launch every time at system boot.
Install Nginx from the Ubuntu repository using the apt command.
sudo apt install nginx -y
After the installation is complete, start Nginx and enable it to launch every time at system boot using the systemctl commands below.
systemctl start nginx
systemctl enable nginx
The Nginx web server is running on the default HTTP port – check it using netstat and make sure the HTTP port is used by Nginx.
netstat -plntu
Step 2 – Configure Nginx on Port 8080
In this step, we will configure nginx to run under non-standard HTTP port 8080. For this purpose, we need to edit virtual host files under ‘sites-available’ directory.
Go to the Nginx configuration directory and edit the ‘default’ virtual host file using vim.
cd /etc/nginx/
vim sites-available/default
Change ‘listen’ line value to 8080.
listen 8080 default_server;
listen [::]:8080 default_server;
Save and exit.
Now test the Nginx configuration and make sure there is no error. Then restart the service.
nginx -t
systemctl restart nginx
Now test nginx again using netstat, and make sure it’s running on the non-standard HTTP port 8080.
netstat -plntu
The Nginx web server has been installed, and it’s now running on port 8080.
Step 3 – Install Varnish on Ubuntu 16.04
Now we need to install Varnish on the system. We can install the tool’s latest version from the source. And for this guide, we will be installing varnish from the Ubuntu repository – Varnish v4.
Install varnish using the apt command below.
sudo apt install varnish -y
Now start varnish and enable it to launch at system boot using the systemctl commands below.
systemctl start varnish
systemctl enable varnish
By default, varnish will be using port 6081 for public access, and port 6082 for the varnish admin web interface. Check it using the netstat command, and make sure those ports are on the list.
netstat -plntu
Varnish HTTP Accelerator has been installed.
Step 4 – Configure Varnish as a Reverse Proxy for Nginx
In this tutorial, we will be using Varnish as a reverse proxy for the Nginx web server. Varnish will be running on the HTTP port 80, and the Nginx web server on HTTP port 8080 (It’s complete).
In this step, we will configure Varnish for Nginx, define the backend server, then change varnish to run under HTTP port 80.
Now go to the varnish configuration directory and edit the ‘default.vcl’ file.
cd /etc/varnish
vim default.vcl
On the backend line, define the configuration as below.
backend default {
.host = "127.0.0.1";
.port = "8080";
}
Save and exit.
Note:
- .host = Backend web server address.
- .port = The backed web server running on.
The backend configuration has been completed.
Next, we need to configure Varnish to run under HTTP port 80. Go to the ‘/etc/default’ directory and edit the varnish configuration file ‘varnish’.
cd /etc/default/
vim varnish
On the ‘DAEMON_OPTS’ line, change the default port 6081 to HTTP port 80.
DAEMON_OPTS="-a :80 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-s malloc,256m"
Save and exit.
Now edit the varnish service file in the ‘/lib/systemd/system’ directory. Go to the systemd system directory and edit the varnish.service file.
cd /lib/systemd/system
vim varnish.service
On the ‘ExecStart’ line, change the varnish port 6081 to HTTP port 80.
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
Save and exit.
Reload the systemd configuration and restart varnish.
systemctl daemon-reload
systemctl restart varnish
After the configuration is complete, check Varnish using netstat command below.
netstat -plntu
Make sure Varnish is running on HTTP port 80 as shown below.
Varnish configuration as a reverse proxy for Nginx has been completed.
Step 5 – Configure UFW Firewall
The Ubuntu system comes with default human-readable firewall named ‘UFW’. If you do not have the package, install them using the apt command below.
sudo apt install ufw
In this step, we will activate the firewall and open new ports for SSH, HTTP, and HTTPS.
Run the ufw commands below.
ufw allow ssh
ufw allow http
ufw allow https
Now activate the firewall and enable it to launch every time at boot time.
ufw enable
Type ‘y’ and press Enter to confirm.
UFW firewall is activated, and HTTP as well as HTTPS port is now accessible from the outside network.
Step 6 – Testing
– Testing using cURL
Testing varnish using the curl command, so we can see HTTP headers from the server.
curl -I hakase-labs.co
And you will get the HTTP Header result ‘Via: 1.1 varnish-v4’ as shown below.
– Testing using Web Browser
Open your web browser and type the following server URL or address. Mine is: http://hakase-labs.co
Make sure you get the Nginx default page as below.
– Testing the Varnish Log
Varnish provides some commands for managing and viewing logs. We will be using ‘varnishncsa’ to get varnish access log.
varnishncsa
And you will get the result as shown below.
Varnish installation and configuration as a reverse proxy for Nginx web server has been completed.
Reference
Share this page: