Varnish Cache is an HTTP Accelerator designed for content-heavy dynamic websites and APIs. Varnish Cache is usually installed on the same web server, where Varnish Cache acts as the front-end and accelerator for the hosted websites. Varnish Cache is free and open source software which is distributed under two-clause BSD license.
Varnish cache supports multiple back-end hosts, therefore we can also used Varnish Cache as the Reverse Proxy for load balancing of a cluster of web servers.
In this article, we are installing and configuring Varnish Cache as Load Balancer on CentOS 7.
Table of Contents:
- Environment Specification
- Installing Apache HTTP Server on CentOS 7
- Configure Apache Virtual Hosts on CentOS 7
- Installing Varnish Cache on CentOS 7
- Configure Varnish Cache as Load Balancer on CentOS 7
Environment Specification:
We have configured a CentOS 7 virtual machine with following specifications:
- CPU - 3.4 Ghz (1 Core)
- Memory - 1 GB
- Storage - 20 GB
- Operating System - CentOS 7.7
- Hostname - varnish-cache-01.example.com
- IP Address - 192.168.116.213 /24
Installing Apache HTTP Server on CentOS 7:
Connect with varnish-cache-01.example.com using ssh as root user.
Build yum cache for standard CentOS 7 repositories.
# yum makecache fast
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.ges.net.pk
* extras: mirrors.ges.net.pk
* updates: mirrors.ges.net.pk
base | 3.6 kB 00:00
extras | 2.9 kB 00:00
updates | 2.9 kB 00:00
Metadata Cache Created
Update CentOS 7 server packages.
# yum update
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.ges.net.pk
* extras: mirrors.ges.net.pk
* updates: mirrors.ges.net.pk
No packages marked for update
Our CentOS 7 server is already up-to-date.
Install Apache HTTP server using yum command.
# yum install -y httpd
Start and enable Apache web service.
# systemctl enable --now httpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
Allow HTTP service in CentOS 7 firewall.
# firewall-cmd --permanent --add-service=http success # firewall-cmd --reload success
Browse URL http://varnish-cache-01.example.com in a client's browser.
Apache HTTP server is successfully installed and it is serving the default test page.
Configure Apache Virtual Hosts on CentOS 7:
We are configure two virtual hosts here, that will run on two different ports.
Create document root directories for virtual hosts.
# mkdir /var/www/html/{vhost1,vhost2}
Create default index page for Virtual Host 1.
# cat > /var/www/html/vhost1/index.html << EOF > <html> > <head><title>Virtual Host1</title></head> > <body><h1>This is the default page of Virtual Host 1...</h1></body> > </html> > EOF
Similarly, create default index page for Virtual Host 2.
# cat > /var/www/html/vhost2/index.html << EOF > <html> > <head><title>Virtual Host2</title></head> > <body><h1>This is the default page of Virtual Host 2...</h1></body> > </html> > EOF
Create configuration file for Virtual Host1.
# vi /etc/httpd/conf.d/vhost1.conf
add following directives therein.
Listen 8081
<VirtualHost *:8081>
DocumentRoot "/var/www/html/vhost1"
ServerName vhost1.example.com
</VirtualHost>
Similarly, create configuration file for Virtual Host2.
# vi /etc/httpd/conf.d/vhost2.conf
add following directives therein.
Listen 8082
<VirtualHost *:8082>
DocumentRoot "/var/www/html/vhost2"
ServerName vhost2.example.com
</VirtualHost>
Check Apache configurations for syntax errors.
# httpd -t
Syntax OK
Since, we are running Apache websites on non-default ports, therefore, we have to add these ports to SELinux port labeling.
Check, if these ports are already added in SELinux.
# semanage port -l | grep ^http_port_t
http_port_t tcp 80, 81, 443, 488, 8008, 8009, 8443, 9000
Add ports 8081 and 8082 to type http_port_t SELinux context.
# semanage port -m -t http_port_t -p tcp 8081 # semanage port -m -t http_port_t -p tcp 8082
Verify if these ports are added in SELinux port labeling.
# semanage port -l | grep ^http_port_t
http_port_t tcp 8082, 8081, 80, 81, 443, 488, 8008, 8009, 8443, 9000
Now, we can safely load our Apache configurations.
# systemctl reload httpd.service
Allow 8081/tcp and 8082/tcp service ports in CentOS 7 firewall.
# firewall-cmd --permanent --add-port={8081,8082}/tcp success # firewall-cmd --reload success
Open URL http://varnish-cache-01.example.com:8081/ in a web browser.
Open URL http://varnish-cache-01.example.com:8082/ in a web browser.
Both of our Apache virtual hosts has been configured successfully.
Installing Varnish Cache on CentOS 7:
Varnish Cache software is available in EPEL (Extra Packages for Enterprise Linux) yum repository.
Therefore, first we have to enable EPEL yum repository as follows.
# yum install -y epel-release
Build cache for EPEL yum repository.
# yum makecache
Now, we can install Varnish Cache software using yum command.
# yum install -y varnish
We have installed the default version of Varnish Cache that is available in EPEL yum repository. However, you can always download and install a latest version of Varnish Cache from their Official Download Page.
Configure Varnish Cache as Load Balancer on CentOS 7:
Before configuring Varnish Cache, we are required to free the port 80 that is currently used by Apache HTTP server.
The directive that controls the service port 80 is defined in /etc/httpd/conf/httpd.conf file.
We can change it using a sed command.
# sed -i "s/Listen 80/Listen 8080/" /etc/httpd/conf/httpd.conf
Restart the Apache service to take changes into effect.
# systemctl restart httpd.service
Now, port 80 is available and we can use it for Vanish Cache service.
Edit Varnish Cache configuration file.
# vi /etc/varnish/varnish.params
Locate and set following directive therein.
VARNISH_LISTEN_PORT=80 #Default Port 6081
We have changed the Varnish Cache default port 6081 with 80.
It's time to configure the backend for Varnish Cache server.
These settings are located in /etc/varnish/default.vcl file. We can easily replace this file with our custom configurations.
Rename the existing default.vcl file using mv command.
# mv /etc/varnish/default.vcl /etc/varnish/default.vcl.org
Create a custom backend configuration file.
# vi /etc/varnish/default.vcl
and add following lines of codes.
vcl 4.0;
import directors; # Load the directors
backend vhost1 {
.host = "192.168.116.213";
.port = "8081";
.probe = {
.url = "/";
.timeout = 1s;
.interval = 5s;
.window = 5;
.threshold = 3;
}
}
backend vhost2 {
.host = "192.168.116.213";
.port = "8082";
.probe = {
.url = "/";
.timeout = 1s;
.interval = 5s;
.window = 5;
.threshold = 3;
}
}
sub vcl_init {
new lb = directors.round_robin(); # Creating a Load Balancer
lb.add_backend(vhost1); # Add Virtual Host 1
lb.add_backend(vhost2); # Add Virtual Host 2
}
sub vcl_recv {
# send all traffic to the lb director:
set req.backend_hint = lb.backend();
}
Enable and start Varnish Cache service.
# systemctl enable --now varnish.service
Created symlink from /etc/systemd/system/multi-user.target.wants/varnish.service to /usr/lib/systemd/system/varnish.service.
Enable and start Varnish Cache logging service.
# systemctl enable --now varnishlog.service
Created symlink from /etc/systemd/system/multi-user.target.wants/varnishlog.service to /usr/lib/systemd/system/varnishlog.service.
Verify the backend list using following command.
# varnishadm backend.list
Backend name Refs Admin Probe
vhost1(192.168.116.213,,8081) 1 probe Healthy 5/5
vhost2(192.168.116.213,,8082) 1 probe Healthy 5/5
Check our website’s response header.
# curl -I http://varnish-cache-01.example.comHTTP/1.1 200 OK Date: Sun, 13 Oct 2019 16:24:07 GMT Server: Apache/2.4.6 (CentOS) Last-Modified: Sun, 13 Oct 2019 09:35:58 GMT ETag: "7d-594c77a7e0839" Content-Length: 125 Content-Type: text/html; charset=UTF-8 X-Varnish: 32770 Age: 0 Via: 1.1 varnish-v4 Connection: keep-alive
Open URL http://varnish-cache-01.example.com in a web browser.
The Varnish Cache load balancer redirects user requests to Virtual Host 1 and Virtual Host 2 in a round robin way.
We have successfully configured Varnish Cache as load balancer on CentOS 7.
No comments:
Post a Comment