How to Install Varnish 3 On CentOS

by lifeLinux on November 3, 2011

Varnish is an HTTP accelerator designed for content-heavy dynamic web sites. In contrast to other HTTP accelerators, such as Squid, which began life as a client-side cache, or Apache and nginx, which are primarily origin servers, Varnish was designed from the ground up as an HTTP accelerator.

Installation on CentOS / RedHat

Varnish is distributed in the EPEL (Extra Packages for Enterprise Linux) package repositories. To use the varnish-cache.org repository, login as root and type the following command

# rpm --nosignature -i http://repo.varnish-cache.org/redhat/varnish-3.0/el5/noarch/varnish-release-3.0-1.noarch.rpm

And type the following command to install Varnish

# yum install varnish

If you get the following error

Resolving Dependencies
--> Running transaction check
---> Package varnish.x86_64 0:3.0.1-1.el5 set to be updated
--> Processing Dependency: varnish-libs = 3.0.1-1.el5 for package: varnish
--> Processing Dependency: libedit.so.0()(64bit) for package: varnish
--> Running transaction check
---> Package varnish.x86_64 0:3.0.1-1.el5 set to be updated
--> Processing Dependency: libedit.so.0()(64bit) for package: varnish
---> Package varnish-libs.x86_64 0:3.0.1-1.el5 set to be updated
--> Finished Dependency Resolution
varnish-3.0.1-1.el5.x86_64 from varnish-3.0 has depsolving problems
  --> Missing Dependency: libedit.so.0()(64bit) is needed by package varnish-3.0.1-1.el5.x86_64 (varnish-3.0)
Error: Missing Dependency: libedit.so.0()(64bit) is needed by package varnish-3.0.1-1.el5.x86_64 (varnish-3.0)
 You could try using --skip-broken to work around the problem
 You could try running: package-cleanup --problems
                        package-cleanup --dupes
                        rpm -Va --nofiles --nodigest

Type the following command to fix it

# rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm

To start Varnish for the first time, type the following command

# /etc/init.d/varnish start

If you want to run Nginx by default when the system boots, type the following command

# chkconfig --level 345 varnish on

Configure Varnish cache for WordPress

Con­fig­ure Var­nish con­fig file (/etc/varnish/default.vcl.) with the following content

# Back-End
backend default {
	.host = "127.0.0.1";
  	.port = "80";
  	.connect_timeout = 60s;
  	.first_byte_timeout = 10s;
  	.between_bytes_timeout = 10s;
}

# Custom
sub vcl_recv {
	remove req.http.X-Forwarded-For; 
	set req.http.X-Forwarded-For = client.ip;

	if (req.url ~ "^/wp-(login|admin)") {
		return (pipe);
	}
	
	if (req.http.Cookie ~"(wp-postpass|wordpress_logged_in|comment_author_)") {
		return (pipe);
	}

	if (req.request == "POST") {
		return (pass);
	}

	if (req.http.Cache-Control ~ "no-cache") {
		return (pass);
	}

	if (req.http.Authorization) {
		return (pass);
	}

	if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|htm|html)$") {
		unset req.http.Cookie;
		unset req.http.Accept-Encoding;
		unset req.http.Vary;
		return (lookup);
	}

	if (req.http.Accept-Encoding) {
		if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
			remove req.http.Accept-Encoding;
		} elsif (req.http.Accept-Encoding ~ "gzip") {
			set req.http.Accept-Encoding = "gzip";
		} elsif (req.http.Accept-Encoding ~ "deflate") {
			set req.http.Accept-Encoding = "deflate";
		} else {
			remove req.http.Accept-Encoding;
		}
	}

	if (req.backend.healthy) {
		set req.grace = 30s;
	} else {
		set req.grace = 1h;
	}

	unset req.http.Cookie;
	unset req.http.Vary;
	return (lookup);
}

sub vcl_fetch {
	set beresp.grace = 1h;
	unset beresp.http.set-cookie;
	if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|htm|html)$") {
		set beresp.ttl = 24h;
	} else {
		set beresp.ttl = 5m;
	}
	return (deliver);
}

sub vcl_deliver {
	if(obj.hits > 0) {
		set resp.http.X-Cache = "HIT";
	} else {
		set resp.http.X-Cache = "MISS";
	}
	set resp.http.Cache-Control = "private";
	set resp.http.Pragma = "private";
	remove resp.http.X-Varnish;
	remove resp.http.Via;
	remove resp.http.Age;
	remove resp.http.Server;
	remove resp.http.X-Powered-By;
}

sub vcl_pipe {
	set bereq.http.connection = "close";
}

By default, Varnish is listening on port 6081. To Varnish can handle traffic of website on port 80, you can using iptables to redirect traffic from port 80 to port 6081, type the following command

# iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 6081

And type the following command to save iptables rules

# /etc/init.d/iptables save

{ 4 comments… read them below or add one }

Guest January 11, 2012 at 7:24 pm

Wonderful. One of the only article that summarizes varnish install and the workaround. Love it . Love it.

Reply

Basit Khan March 4, 2012 at 12:56 pm

Wow…Thanks bro!
Its sounds great! does it work with bsd? like ipcop or pfsense?
How to make it transparent cache? with 2 lan card 1 for Local/LAN and 1 for WAN
reply is awaiting…
[email protected]

Reply

Reza December 10, 2012 at 7:00 am

fantastic thank you 😉

Reply

Linux Killer January 28, 2013 at 6:43 pm

Mercii

Reply

Previous post:

Next post: