Varnish Frontend
This playbook provisions NetActuate virtual servers and configures them as Varnish caching frontends. Use this to deploy a caching layer in front of your web application for improved performance and reduced backend load.
Provisioning Playbook
---
- hosts: localhost
connection: local
gather_facts: false
vars:
api_key: "{{ lookup('env', 'NETACTUATE_API_KEY') }}"
varnish_plan: "VR4096x2x60"
varnish_image: "ubuntu-24.04"
varnish_locations:
- ashburn
- losangeles
tasks:
- name: Create Varnish frontend servers
netactuate.cloud.server:
api_key: "{{ api_key }}"
hostname: "varnish-{{ item }}"
plan: "{{ varnish_plan }}"
location: "{{ item }}"
image: "{{ varnish_image }}"
state: present
loop: "{{ varnish_locations }}"
register: varnish_servers
- name: Add servers to in-memory inventory
add_host:
name: "{{ item.ip_address }}"
groups: varnish_frontends
loop: "{{ varnish_servers.results }}"
Configuration Playbook
---
- hosts: varnish_frontends
become: true
gather_facts: true
vars:
varnish_memory: "256m"
backend_host: "127.0.0.1"
backend_port: 8080
tasks:
- name: Install Varnish
apt:
name: varnish
state: present
update_cache: true
- name: Configure Varnish VCL
copy:
dest: /etc/varnish/default.vcl
content: |
vcl 4.1;
backend default {
.host = "{{ backend_host }}";
.port = "{{ backend_port }}";
.connect_timeout = 5s;
.first_byte_timeout = 30s;
.between_bytes_timeout = 10s;
.probe = {
.url = "/health";
.timeout = 2s;
.interval = 5s;
.window = 5;
.threshold = 3;
}
}
sub vcl_recv {
if (req.method == "PURGE") {
return (purge);
}
if (req.url ~ "\.(css|js|png|jpg|jpeg|gif|ico|woff2|svg)$") {
unset req.http.Cookie;
return (hash);
}
if (req.http.Authorization || req.http.Cookie ~ "session") {
return (pass);
}
}
sub vcl_backend_response {
if (beresp.ttl <= 0s || beresp.http.Set-Cookie) {
set beresp.uncacheable = true;
return (deliver);
}
if (bereq.url ~ "\.(css|js|png|jpg|jpeg|gif|ico|woff2|svg)$") {
set beresp.ttl = 7d;
}
set beresp.grace = 1h;
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
}
notify: Restart Varnish
- name: Configure Varnish service parameters
copy:
dest: /etc/default/varnish
content: |
DAEMON_OPTS="-a :80 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-s malloc,{{ varnish_memory }}"
- name: Configure systemd override for Varnish
file:
path: /etc/systemd/system/varnish.service.d
state: directory
- name: Set Varnish listen port
copy:
dest: /etc/systemd/system/varnish.service.d/override.conf
content: |
[Service]
ExecStart=
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,{{ varnish_memory }}
notify:
- Reload systemd
- Restart Varnish
- name: Start and enable Varnish
systemd:
name: varnish
state: started
enabled: true
handlers:
- name: Reload systemd
systemd:
daemon_reload: true
- name: Restart Varnish
systemd:
name: varnish
state: restarted
Verifying the Cache
Test that Varnish is caching responses:
curl -I http://your-varnish-server/
Look for the X-Cache: HIT header on subsequent requests to confirm caching is working.
Tuning
- Increase
varnish_memoryfor larger cache sizes. A good starting point is 75% of available RAM. - Adjust TTL values in the VCL to match your content update frequency.
- Use
varnishstatandvarnishlogon the server to monitor cache performance.
Need Help?
If you need assistance deploying Varnish, visit our support page.