I've just installed varnish on my development server and it's running without changing any configuration. So now it just asks Apache for the response and passes it back.
Well, I'm a newbie and I'm trying to cache javascript, css and images to test varnish. My problem is that if I write return (lookup); in vcl_recv gives me error on service varnish restart!!
vcl 4.0;
# Default backend definition. Set this to point to your content server.
backend default {
.host = "127.0.0.1";
.port = "80";
}
sub vcl_recv {
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
#hash_data(req.url);
#if (req.http.host) {
# hash_data(req.http.host);
#} else {
# hash_data(server.ip);
#}
return (lookup);
}
sub vcl_backend_response {
# Happens after we have read the response headers from the backend.
#
# Here you clean the response headers, removing silly Set-Cookie headers
# and other mistakes your backend does.
}
sub vcl_deliver {
# Happens when we have all the pieces we need, and are about to send the
# response to the client.
#
# You can do accounting or modifying the final object here.
}
This configuration in default.vcl gives me the next error on restart:
Job for varnish.service failed. See 'systemctl status varnish.service' and 'journalctl -xn' for details.
Help me please!!
You can do something like:
sub vcl_recv {
if (req.url ~ "(?i)\.(jpeg|jpg|png|gif|ico|js|css)$") {
unset req.http.Cookie;
return (hash);
} else {
return (pass);
}
}
For an extended answer, you might want to look at the answer for Varnish 3 in https://serverfault.com/a/551283/426146.
The problem is that in default.vcl the port is 80.
The port must be the port that your web server is listening for example 8080.
The web server must be configured in 8080.
And in Debian your /etc/systemd/system/varnish.service file has the port that you have to change to 80
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,512m
Then with your Browser you are connecting to 80 in varnish and the varnish asking web server from 8080 the pages and files (cached after first hit).
If the file doesn't exists run:
cp /lib/systemd/system/varnish.service /etc/systemd/system/
systemctl daemon-reload && systemctl status varnish
And is starting to use the file and after that you ca enter your code in /etc/varnish/default.vcl
Related
Ubuntu 16.04.2
varnish-4.1.1
I stuck here:
https://varnish-cache.org/docs/4.1/tutorial/starting_varnish.html
The very first change in configuration in the whole book. It said: change host to www.varnish-cache.org and reload.
/etc/varnish/default.vcl
vcl 4.0;
backend default {
.host = "www.varnish-cache.org";
.port = "80";
}
I executed:
sudo service varnish restart
sudo service varnish reload
But anyway I constantly have "Error 503 Backend fetch failed".
I have tried:
$ sudo varnishd -d -f default.vcl
Error:
Failed to create vcl_boot/vgc.so: Permission deniedVCL compilation failed
It seems that compilation fails. Could you help me here?
It's a somewhat broken tutorial for a few reasons:
They ask you to point backend to a DNS name. The proper way is to specify IP in backend definitions
Whatever you specify (DNS or IP) it will end up passing Host header of the site you access Varnish with and ask backend server to deliver site with that hostname.
So why you're getting an error as per tutorial:
You access, e.g. http://localhost/ (or whatever hostname you access your Varnish with)
Then Varnish talks to HTTP server at varnish-cache.org and asks for http://localhost.
Obviously the varnish-cache.org server has no idea about that one and most likely (as per their configuration will issue a redirect / error / etc.) thus the error that you see.
It is best to point it to your own web server instead and do it like this:
vcl 4.0;
backend default {
.host = "127.0.0.1";
.port = "8080";
}
The above assumes that you run a web server (nginx or Apache, etc.) at the same machine with Varnish and you made it run at port 8080.
Can't configure Varnish. Please, help!
(found here only german thread)
I've setted up Nginx 1.10 , Varnish 4.1.1, ISPconfig.
/etc/default/varnish
DAEMON_OPTS="-a :6081 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-s malloc,512m"
/etc/varnish/default.vcl
backend default {
.host = "127.0.0.1";
.port = "81";
}
acl purge {
"localhost";
"127.0.0.1";
}
Nginx virtual host /etc/nginx/sites-available/MyDomain.com.vhost
server {
listen *:81;
...
and when I visite MyDomain.com it shows me content from my server IP adress
/var/www/html/index.html instead /var/www/MyDomain.com/web/index.html
What's wrong?
I don't know what to look first, how to debug ?
Your varnish listen on :6081 and forward all requests to 127.0.0.1:81.
Your nginx listen on *:81
You should request MyDomain.com on port 6081.
If you request MyDomain.com on port 80 you are redirected to the default nginx page.
If you want to make sure, I would suggest to run a varnishlog which will tell you what's passing through varnish in real time.
I have magento website in Linux server (Varnish cache), some of the product details page shows error as
Error 503 Backend fetch failed Guru Meditation: XID: 98757
My website IP is 52.163.xxx.xx
Please find the below details and help me to fix this issue.
/etc/default/varnish
DAEMON_OPTS="-a :8080 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-s malloc,256m"
/etc/varnish/default.vcl
backend default{
.host = "127.0.0.1";
.port = "8080";
}
sudo service varnish restart
Stopping HTTP accelerator varnishd No /usr/sbin/varnishd found running; none killed.
[fail]
Starting HTTP accelerator varnishd [fail]
bind(): Address already in use
bind(): Address already in use
Error: Failed to open (any) accept sockets.
As I understand it, you are running varnish and backend webserver (say nginx or apache) on the very same linux machine, right?
First of all, try to run this command:
sudo netstat -anp | grep LISTEN | grep 8080
And see what process is bound on port 8080 and on which ip.
First part of your question suggests varnish is running, just not be able to connect to backend.
But the second part tells me you are not able to start varnish.
So please make it clear and perhaps attach output from the command above.
Let's continue with second part, i.e. varnish not able to start.
I guess you have backend server running on 8080, be it nginx, apache, whatever.
Your varnish backend config confirms it after all.
Check that web server is bound on 127.0.0.1 and not on 0.0.0.0 not to allow public traffic to connect directly do backend web server.
If this is the case, you have to change listening ip:port of varnish to non-colliding combination.
You can either:
change port to something else as 8080, let's say 80
change port of backend web server to something else if you need 8080 to be public
double check your backend web server is listening on localhost only and bind varnish to your public ip instead of 0.0.0.0 (default, means all machine's ips)
You can do the last option by changing main varnish configuration to:
DAEMON_OPTS="-a 52.163.xxx.xx:8080 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-s malloc,256m"
This scenario has one important drawback. If you somehow come to new public ip, you have to change it in main varnish configuration too. If this is something you can encode into automation recipe, it shouldn't be problem. But if you manage it by hand, be sure you have really good documenting practice or you'll be hunting ghost bugs in future. :)
One mistake is having both Varnish and your backend server running on the same port 8080. You have 2 options to solve this:
Most straightforward and simple. Adjust Varnish DAEMON_OPTS to listen on port 80.
It may still work on the same ports, provided that you make Varnish and your backend server listen on different interfaces:
Varnish would normally listen on external interface. Thus, adjust your Varnish listen parameter to be bound to specific IP: DAEMON_OPTS="-a 52.163.xxx.xx:8080 ...
Bind your backend server (Apache, Nginx, whatever) to listen only on the loopback interface, 127.0.0.1.
Your VCL is "empty" and you should be using corresponding plugin for Magento which will ensure that Varnish caches things, by generating correct VCL file for you:
Magento 1.x: Turpentine plugin
Magento 2.x: .. is able to generate VCL from admin backend of your Magento installation.
I have only one public ip address so use Varnish as a reverse proxy for multiple servers. Here is the configuration.
1st physical server Varnish/Apache - port 80, port 8080, ip address 10.0.0.40
2nd physical server 3 Drupal Vhosts - port 80, ip address 10.0.0.30
3rd physical server 2 Non Drupal Vhosts - port 80, ip address 10.0.0.31
In /etc/sysconfig/varnish,
DAEMON_OPTS="-a :80 \ -T localhost:6082 \ -f /etc/varnish/default.vcl \ -u varnish -g varnish \ -S /etc/varnish/secret \ -s file,/var/lib/varnish/varnish_storage.bin,1G"
In default vcl,
backend default { .host = "127.0.0.1"; .port = "8080"; }
Reverse proxy is working ok and I can see Varnish cache working by checking http header. However I am not sure above configuration is correct or optimal, especially only one backend definition on default vcl file. Any advice?
I suggest the following approach:
NGINX > VARNISH > APACHE
Nginx: to handle SSL termination easily and also you can use it to cache the static content. As far as I know that Nginx is better than Varnish in caching the static content also Varnish is not supposed to cache the static content.
Varnish: will receive requests from Nginx and pass it to Apache.
Apache: will act as a load balancer which will send the requests to the backend servers (Drupal/Non-drupal)
Check the following resources:
1- HTTPS Everywhere With Nginx, Varnish And Apache
2- Simple load balancing with Apache
If my answer is not clear enough let me know.
I use apache2 and varnish on a debian server, but i have 2 websites one use port 80 and other 443 but i dont have idea for use this with varnish
How i can use port 80 and 443 with varnish ?
Thanks you
/etc/default/varnish
DAEMON_OPTS="-a :80 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-s malloc,256m"
/etc/varnish/default.vcl
backend default {
.host = "127.0.0.1";
.port = "8080";
}
and apache2
NameVirtualHost 127.0.0.1:8080
Listen 127.0.0.1:8080
<VirtualHost 127.0.0.1:8080>
The "recommended" TLS termination companion to Varnish would be Hitch, which is from the same developers. It runs as an independent process and uses the HAProxy PROXY protocol to communicate with Varnish. What this entails Varnish-wise is listening on another port for the PROXY protocol.
Per the Varnish 4.1 documentation, you would listen on both the 6081 (or 80 as the case may be) as well as the internal port, such as 6086
varnishd -f /etc/varnish/default.vcl -a :6081 -a 127.0.0.1:6086,PROXY
You can use the std module to detect whether the origin request came over SSL by doing something like:
sub vcl_recv {
if (std.port(server.ip) == 443) {
set req.http.X-Proto = "https";
}
}