Varnish is a proxy server which can be used for HTTP caching. It can act as a reverse proxy for nginx. Here we are going to look how we can configure varnish as a reverse proxy for nginx web server.
Prerequisites:
- Ubuntu 16.04
- Root Privileges
Step 1: Installing nginx
We can install Nginx from the Ubuntu repository using the apt command
root@rootadminz:~# apt install nginx -y
After the installation is complete, start Nginx and enable it to launch every time at system boot using the systemctl commands below.
root@rootadminz:~#systemctl start nginx root@rootadminz:~#systemctl enable nginx
Step 2: Configuring Nginx
We will configure nginx to run under non-standard HTTP port 8080. For this purpose, we need to edit virtual host files under ‘sites-available’ directory and change the ‘listen’ line value to 8080.
root@rootadminz:~#vi /etc/nginx/sites-available/default ------------------------------ listen 8080 default_rootadminz; listen [::]:8080 default_rootadminz; -------------------------------
Now test the nginx rootadminz using the command “nginx -t” and restart the service.
root@rootadminz:~# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
root@rootadminz:~#systemctl restart nginx
Step 3: Installing Varnish
Installing varnish from the Ubuntu repository using apt command. After installing start and enable it to launch at system boot.
apt install varnish -y
root@rootadminz:~#systemctl start varnish root@rootadminz:~#systemctl enable varnish
Step 4 – Configuring Varnish as a Reverse Proxy for Nginx
Here we are using Varnish as a reverse proxy for the Nginx web server. So Varnish will be running on the HTTP port 80, and the Nginx web server on HTTP port 8080.
Go to the varnish configuration directory and edit the ‘default.vcl’ file.
root@rootadminz:~#vi /etc/varnish/default.vcl
On the backend line, define the configuration as below.
backend default { .host = "127.0.0.1"; .port = "8080"; }
After that edit the Varnish configuration file and on the ‘DAEMON_OPTS’ line, change the default port 6081 to HTTP port 80.
root@rootadminz:~#vi /etc/default/varnish ----------------------------------------- DAEMON_OPTS="-a :80 \ -T localhost:6082 \ -f /etc/varnish/default.vcl \ -S /etc/varnish/secret \ -s malloc,256m" --------------------------------------------
Now go to the systemd system directory and edit the varnish.service file.
vi /lib/systemd/system/varnish.service
Step 5: Reload the systemd configuration and restart varnish.
root@rootadminz:~#systemctl daemon-reload root@rootadminz:~#systemctl restart varnish
Step 6 : Configuring UFW Firewall
In this step, we will activate the firewall and open new ports for SSH, HTTP, and HTTPS.
root@rootadminz:# ufw allow ssh root@rootadminz:# ufw allow http root@rootadminz:# ufw allow https
Step 7: Testing
Test varnish using the curl command, so we can see HTTP headers from the server.
root@rootadminz:~# curl -I http://214.158.102.156 HTTP/1.1 200 OK rootadminz: nginx/1.10.3 (Ubuntu) Date: Mon, 12 Aug 2019 09:58:33 GMT Content-Type: text/html Last-Modified: Mon, 08 Aug 2019 10:36:49 GMT ETag: W/"5c7cffc1-2a" Vary: Accept-Encoding X-Varnish: 5 3 Age: 7 Via: 1.1 varnish-v4 Accept-Ranges: bytes Connection: keep-alive
Thank You for reading!!