How to Install and Configure Varnish on CentOS 7

Installing and Configuring Varnish on CentOS 7


Varnish is a reverse HTTP proxy, sometimes referred to as a HTTP accelerator or a web accelerator. It stores files or fragments of files in memory, allowing them to be served quickly. It is essentially a key/value store, that usually uses the URL as a key. It is designed for modern hardware, modern operating systems and modern work loads.

Many websites benefit from putting Varnish (or any caching layer) in front of their web servers. Doing so can help reduce the load on the backend web servers, as well as improve the overall user experience as cached requests should be served much quicker.

Add the EPEL yum repository

At the time of this writing, Varnish does not offer an official repository for EL7, but you can still use the EPEL repository which should have a reasonably up-to-date version available.

You can install/enable the repo with:

yum install

Install Varnish

yum install varnish

Configure Varnish

Before starting Varnish, you'll want to add a default configuration.

By default, /etc/varnish/default.vcl is loaded when varnish starts. It uses as the sole backend, and lets all requests pass through the builtin VCL. If your backend (apache, nginx, uwsgi, etc) is not listening on, then you will want to change this section:

# Default backend definition. Set this to point to your content server.
backend default {
    .host = "";
    .port = "8080";

Open up /etc/varnish/varnish.params in your favorite editor, and change:



# Adjust 512m to something suitable for the amount of ram your server has.  If you only have a 512mb
# cloud instance, then try 128m or something smaller to ensure you don't run out of ram.

The above change will cause Varnish to store its' cache in memory, instead of on disk. This is typically desired since it should be faster.

Another option you may want to change is VARNISH_LISTEN_PORT. By default, it is set to 6081. Most of the time, you will want to set this to 80 which is the default http port. It is a good idea to test your varnish configuration on a non-standard port when starting out, and then switch to port 80 when it is ready to serve your site.

Start Varnish

First, set Varnish to start on system boot:

[root@cent7-kb01 ~]# systemctl enable varnish
ln -s '/usr/lib/systemd/system/varnish.service' '/etc/systemd/system/'

Now, start it and make sure there are no errors:

[root@cent7-kb01 ~]# systemctl start varnish
[root@cent7-kb01 ~]# systemctl status varnish
varnish.service - Varnish a high-perfomance HTTP accelerator
   Loaded: loaded (/usr/lib/systemd/system/varnish.service; enabled)
   Active: active (running) since Fri 2015-03-20 12:47:36 CDT; 1min 30s ago
  Process: 5132 ExecStartPre=/usr/sbin/varnishd -C -f $VARNISH_VCL_CONF (code=exited, status=0/SUCCESS)
 Main PID: 5154 (varnishd)
   CGroup: /system.slice/varnish.service
           ├─5154 /usr/sbin/varnishd -P /var/run/ -f /etc/varnish/default.vcl -a :80 -T -t 120 -u varnish -g varnish -S /etc/varnish/secret -s file,/var/lib/varnish/varnish_storage.bin,1G
           └─5155 /usr/sbin/varnishd -P /var/run/ -f /etc/varnish/default.vcl -a :80 -T -t 120 -u varnish -g varnish -S /etc/varnish/secret -s file,/var/lib/varnish/varnish_storage.bin,1G

Mar 20 12:47:36 cent7-kb01 varnishd[5132]: .backend_error_func = VGC_function_vcl_backend_error,
Mar 20 12:47:36 cent7-kb01 varnishd[5132]: .init_func = VGC_function_vcl_init,
Mar 20 12:47:36 cent7-kb01 varnishd[5132]: .fini_func = VGC_function_vcl_fini,
Mar 20 12:47:36 cent7-kb01 varnishd[5132]: };
Mar 20 12:47:36 cent7-kb01 systemd[1]: Failed to read PID from file /var/run/ Invalid argument
Mar 20 12:47:36 cent7-kb01 varnishd[5154]: Platform: Linux,3.10.0-123.20.1.el7.x86_64,x86_64,-sfile,-smalloc,-hcritbit
Mar 20 12:47:36 cent7-kb01 systemd[1]: Started Varnish a high-perfomance HTTP accelerator.
Mar 20 12:47:36 cent7-kb01 varnishd[5154]: child (5155) Started
Mar 20 12:47:36 cent7-kb01 varnishd[5154]: Child (5155) said Child starts
Mar 20 12:47:36 cent7-kb01 varnishd[5154]: Child (5155) said SMF.s0 mmap'ed 1073741824 bytes of 1073741824
[root@cent7-kb01 ~]#

Test that it worked

Assuming all went well, you should be able to visit your site in a browser, optionally using port 6081 if you did not change it. You can also use curl to check the headers being returned:

[root@cent7-kb01 ~]# curl -I http://localhost:80
HTTP/1.1 200 OK
Server: nginx/1.6.2
Date: Fri, 20 Mar 2015 17:50:17 GMT
Content-Type: text/html
Last-Modified: Wed, 22 Oct 2014 19:50:12 GMT
ETag: "54480a74-e74"
X-Varnish: 32772 3
Age: 62
Via: 1.1 varnish-v4
Content-Length: 3700
Connection: keep-alive

Notice how the Age and X-Varnish headers both get set now. You can use this to tell whether your content is being cached.

Caveat: Cookies and "Why isn't my site being cached?"

You'll have to be aware that the default.vcl included with varnish tries to stay out of your way by only caching things that it thinks can be cached with no harm. This means any requests that contain cookies, or other headers that indicate caching shouldn't be used, will cause varnish to pass the request to the backend.

The following example from VCLExampleCacheCookies shows how you can ignore cookies on urls containing extensions that are likely to be static content:

sub vcl_recv {
 if (req.url ~ "\.(png|gif|jpg|swf|css|js)$") {

# strip the cookie before the image is inserted into cache.
sub vcl_fetch {
 if (req.url ~ "\.(png|gif|jpg|swf|css|js)$") {
   unset beresp.http.set-cookie;

Now that you have varnish installed and running, here are several links that should help with figuring out where to go from here:

Posted in
Last update:
2016-04-04 13:48
Average rating:0 (0 Votes)