Create a Reverse Proxy and Cache using Varnish

To support AMP pages over HTTPS using a CNAME, a reverse proxy must be set up.

To configure a reverse proxy and HTTP cache using Varnish, the following steps must be performed.

Varnish changed much of their syntax and configuration following version 4.x. This procedure assumes that Varnish with a version of 4 or higher is already installed.

To install varnish use the appropriate package manager on your server.

 

1 - Configure Varnish Backend with Systemd

Recent versions of Debian (8 and newer) and ubuntu (15.04) and newer require Varnish configuration through systemd. 

For other servers this step may be skipped.

 

  1. Open the varnish.service file to set the correct port number. The file is located at /lib/systemd/system/varnish.service.
  2. Find the following line and change the port number to 80. This is done by changing  -a :6082  to  -a :80. 

    ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
  3. Save and exit.

  4. Reload systemd:

    ~$ sudo systemctl daemon-reload


2 - Edit the Varnish file to use the HTTP Port

  1. This file is located at /etc/default/varnish.
  2. In this file, most of the lines are commented out. Find the following DAEMON_OPTS line (it should be uncommented already).
  3. Find the following line and change the port number to 80. This is done by changing  -a :6082  to  -a :80. 

    DAEMON_OPTS="-a :80 \
  4. Save and exit.

3 - Modify Varnish proxy and cache configuration 

The following is an example of the Varnish default.vcl configuration file containing the additional syntax required. The syntax for the reverse proxy and cache configuration is in red

In the example below, the placeholder < DNS > is used. The correct DNS entry will be provided by the Customer Success team.

1) Replace the placeholder with the correct DNS entry. The file is located at /etc/varnish/default.vcl.

----------------------------------------------------------------------------------------------------------

# Default backend definition. Set this to point to your content server.
backend default {

            .host = "< DNS>";
            .port = "80";
}

sub vcl_recv {
       # Happens before we check if we have this in cache already.
       #
       # Typically you clean up the request here, removing cookies you don't need,
       # rewriting the request, etc.
       unset req.http.Cookie;
       unset req.http.Cache-Control;
}

sub vcl_backend_response {
       # Happens after we have read the response headers from the backend.
       #
       # Here you clean the response headers, removing silly Set-Cookie headers
       # and other mistakes your backend does
       unset beresp.http.Cache-Control;
       unset beresp.http.set-cookie;
}

sub vcl_deliver {
       # Happens when we have all the pieces we need, and are about to send the
       # response to the client.
       #
       # You can do accounting or modifying the final object here.
)

-------------------------------------------------------------------------------------------------------------

2) Save and Exit

4 - Restart the Varnish Cache

Restart the Varnish cache to put the changes into place.

description To configure a reverse proxy and HTTP cache using Varnish, publishers need to follow these steps.