Varnish cache is a free and opensource high-performance HTTP accelerator used to speed up the rate at which web servers serve web pages.

The cache saves the webpages in memory such that the web server doesn’t have to serve the webpages afresh every time they are requested by clients.

This ultimately gives your server a speed boost which increases your chances of getting ranked higher by Google. In this article, you will learn how to install Varnish cache on CentOS 7.

Step 1: Install EPEL repository

The first step is to install EPEL, short for Extra Packages for Enterprise Linux. It contains extra packages and dependencies that are required for the smooth running of packages.

Copy
sudo yum install -y epel-release

Sample Output
Install Epel Release

Step 2: Install Nginx

Next on line is the installation of the Nginx web server.

To install Nginx, run the command

Copy
yum install nginx -y

Sample Output

Yum Install Nginx

Step 3: Start and Enable Nginx

Once you have successfully installed Nginx, be sure to start and enable it on boot using the commands below

Sample Output

Copy
systemctl start nginx systemctl enable nginx

Start And Enable Nginx

To confirm that Nginx is up and running execute the command:

Copy
systemctl status nginx

Sample Output

Check Nginx Status

By default, Nginx runs on port 80. To verify this, use the netstat command

Copy
netstat -pnltu

Sample Output

Netstat Nginx Port 80

Step 4: Install Varnish

Next, install varnish using the command below

Copy
yum install varnish

Sample Output
Install Varnish 6

Step 5. Start and Enable Varnish

After the successful installation of the Varnish cache, we need to ensure that it is up and running.

To start Varnish cache execute the command

Copy
systemctl start varnish

To enable Varnish cache on boot run

Copy
systemctl enable varnish

Sample output

Start And Enable Varnish

To confirm that Varnish cache is running, execute the command

Copy
systemctl status varnish

Sample output

Check Varnish Status

Awesome, Varnish is up and running as expected.

You can view more information such as the release, version and install data using the command

Copy
rpm -qi

Sample output

More Information About Varnish Cache

Step 6: Configure Varnish as a reverse proxy for Nginx

Since Varnish cache sits in front of the web server to serve HTTP requests, we need to change the default Nginx port to port 8080 and later configure Varnish to listen on port 80.

Open the Nginx configuration file

Copy
vim /etc/nginx/nginx.conf

Locate the Server block and make the changes as shown

Copy
..... server { listen 8080 default_server; listen [::] 8080 default_server; .... }

Save and exit the text editor.

For the changes to take effect, restart Nginx

Copy
systemctl restart nginx

Now Nginx should run on port 8080

Next, head out to the Varnish configuration file

Copy
vim /etc/varnish/default.vcl

Locate the backend default block and ensure it resembles the lines shown below

Copy
backend default { .host = "127.0.0.1"; .port = "8080"; }

Note:

.host = Refers to the backend web server IP address.
.port = Refers to the backend web server port it is running on.

Save and exit the text editor.

We need to configure Varnish to listen to port 80. Head out to the configuration file below

Copy
vim /etc/varnish/vim.params

Modify the value of 'VARNISH_LISTEN_PORT' line to HTTP port 80.

VARNISH_LISTEN_PORT=80

Save end exit the text editor.

Restart Varnish.

Copy
systemctl restart varnish

Verify again the port on which Varnish is Listening on

Copy
netstat -plntu

check port varnish is running on

From the above output, we can clearly see that Nginx is listening on port 8080 while Varnish is listening on port 80, which is exactly what we want.

Now let us configure the firewall.

Step 7: Install and configure Firewalld

We need to install firewalld and allow http and https protocols.

To install firewalld run

Copy
yum install firewalld -y

Sample output

Install Firewalld

Now start and enable firewalld to start on boot.

Copy
systemctl start firewalld systemctl enable firewalld

Sample Output

Start And Enable Firewalld

Now let’s allow ports 80 (http) and 443 (https)

Copy
firewall-cmd --add-port=80/tcp --zone=public --permanent firewall-cmd --add-port=443/tcp --zone=public --permanent

Finally, reload the firewall for the changes to come into effect.

Copy
firewall-cmd --reload

Open Ports In Firewalld And Reload Firewall

Great! The only remaining item is to test our configuration.

Step 8: Testing Varnish configuration

To test varnish, run the following command

Copy
curl -I localhost

You will get output similar to this:

testing varnish on command line

To check the logs, run the following command.

Copy
varnishncsa

Open your browser and browse your server’s address

Copy
http://server-ip

Back to the command line, you will notice some logs being generated

Varnish Logs

This brings us to the end of this tutorial. We have successfully installed Varnish and configured it to act as a reverse proxy to the Nginx web server.