How do I setup Varnish 4.0 with nginx setup for subdomain site?

November 24, 2014 6.4k views

Can anyone help on how to configure Varnish cache 4.0 for subdomain site like foo.example.com instead of example.com ?

Running on LEMP stack and it's a Wordpress site.

I've installed Varnish 4.0 with the help from the link below. But their Varnish configuration guide is 3.0 and for a main domain site like www.example.com .

https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-nginx-php-and-varnish-on-ubuntu-12-04

2 Answers

Configuring Varnish 4.0 will be much the same as in that tutorial. Like in that article, you'll need to configure it to listen on port 80 and send requests to port 8080 where Nginx will listen. Varnish will pass everything on and Nginx will be responsible for routing the requests after that. If there is only one subdomain hosted on the server, then just make sure that server_name is correctly set in your Nginx configuration.

Here's a sample Nginx conf that you might use for a PHP site like WordPress:

server {
        listen 8080 default_server;

        root /var/www/html;
        index index.php index.html index.htm;

        server_name blog.example.com;

        location / {
                # try_files $uri $uri/ =404;
                try_files $uri $uri/ /index.php?q=$uri&$args;
        }

        error_page 404 /404.html;

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
                root /usr/share/nginx/html;
        }

        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
        }
}

Note it is listening on port 8080 and the server_name is set.

If you were hosting more than one site on the same server and you only wanted one to be cached by Varnish, you'll need to disable it for the subdomain in /etc/varnish/default.vcl by using something like:

if (req.http.host == 'notcached.example.com') {
    return (pass);
}
by Etel Sverdlov
Varnish is an HTTP accelerator and a useful tool for speeding up a server, especially during a times when there is high traffic to a site. It works by redirecting visitors to static pages whenever possible and only drawing on the server itself if there is a need for an active process. This tutorial covers installing wordpress on a LEMP stack (with nginx instead of apache), and then installing varnish.
  • Thanks Andrew, but I still can't get it working.

    2 problems:

    1. It seems to serve the index.html file at /usr/share/nginx/html which is not my server blocks being setup. Do I need to change anything for etc\nginx.conf file? Would it be my nginx server blocks not setting up properly? (elaborate below)

    2. Even varnish stopped running, and after I've setup all server blocks to listen to port 8080, I'm still able to access both example.com:80 and example.com:8080 with same content. How can I tell if varnish is really working? Can I try setting up the listen port to others like 6060?


    In sites-enabled\ I have both main site and subdomain virtual hosts setup (assume example.com and foo.example.com). Here are my config files:

    example.com

    server {
        listen 80;
        #listen [::]:80 default_server ipv6only=on;
        #listen 443 ssl spdy;
    
        root /var/www/html/example.com/public_html;
        index index.php index.html index.htm;
    
        # Make site accessible from http://localhost/
        server_name example.com www.example.com;
        #ssl_certificate /etc/nginx/ssl/nginx.crt;
            #   ssl_certificate_key /etc/nginx/ssl/nginx.key;
    
        location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
            # Uncomment to enable naxsi on this location
            # include /etc/nginx/naxsi.rules
        }
    
        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root /usr/share/nginx/html;
        }
    ...
    }
    

    foo.example.com

    server {
        listen 8080 default_server; ## listen for ipv4; this line is default and implied
        #listen [::]:80 default_server ipv6only=on;
        # listen 443 ssl spdy;
        #return 301 https://$host$request_uri;
    
        root /var/www/html/foo.example.com/public_html;
        index index.php index.html index.htm;
    
        # Make site accessible from http://localhost/
        server_name foo.example.com www.foo.example.com;
        # ssl_certificate /etc/nginx/ssl/nginx.crt;
            # ssl_certificate_key /etc/nginx/ssl/nginx.key;
    
        location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ /index.php?q=$uri&$args;
            # Uncomment to example.comxsi on this location
            # include /etc/nginx/naxsi.rules
        }
    ...
    }
    

    default.vcl

    backend default {
        .host = "127.0.0.1";
        .port = "8080";
    }
    
    sub vcl_recv {
        # Happens before we check if we have this in cache already.
        # 
        # Typically you clean up the request here, removing cookies you don't need,
        # rewriting the request, etc.
    
        if (!(req.url ~ "wp-(login|admin)")) {
                    unset req.http.cookie;
            }
    
        # Allow posts preview 
        if (req.url ~ "preview=true") { 
            return(pass); 
        }
    
    }
    
    # Drop any cookies Wordpress tries to send back to the client.
    sub vcl_backend_response {
        # Happens after we have read the response headers from the backend.
        # 
        # Here you clean the response headers, removing silly Set-Cookie headers
        # and other mistakes your backend does.
    
        if (!(bereq.url ~ "wp-(login|admin)")) { 
            unset beresp.http.set-cookie; 
        }
    }
    
  • Are there any other files in sites-enabled ? Make sure that the default site has been disabled.

    You also need to have both Nginx server blocks listening on port 8080. Varnish won't be able to bind to port 80 if Nginx already has.

    To make sure Varnish is working. You can curl your domain and look for the X-Varnish header.

  • Thank you, Andrew.

    I have to change /etc/nginx/nginx.conf to listen to 8080 too before it works.

    I can't get any X-Varnish when I curl my domain but I believe it works because there are stats printed when I execute varnishlog.

Have another answer? Share your knowledge.