Status
Not open for further replies.

tuxicans

Active Member
Oct 16, 2008
38
0
56
I think we can, but I don't think there is an easy way.

This is the most basic setup for varnish to start running.

varnishd -a :80 -b localhost:8080 -T localhost:6082

Here 80 is the port where varnish will accept the http connections from outside,
8080 is the http port on the server and 6082 is the management port, which means either we have to change http port on the server or the port that it listens to from outside.

I think both these would be hard to achieve.
 

britsenigma

Well-Known Member
Dec 14, 2008
85
0
56
You can change the apache port for a test by editing this file:

/usr/local/apache/conf/httpd.conf

and finding:

Listen 0.0.0.0:80

Now, there is a comment above that:

"/var/cpanel/cpanel.config"

There is a line there like so:
apache_port=0.0.0.0:80

Now, I dont' know the inheritance involved with the config files, but I would assume the apache_port in cpanel.config would be of the highest level, and I assume when you make changes to the apache config (in whm) and save, it would pull the values of this file and set them permanently.

There is a note in the cpanel.config that you need to run this script after making changes to save them:

/usr/local/cpanel/whostmgr/bin/whostmgr2 --updatetweaksettings

I'll follow this thread, if you have any luck let me know how it goes.
 

tuxicans

Active Member
Oct 16, 2008
38
0
56
You can change the apache port for a test by editing this file:

/usr/local/apache/conf/httpd.conf

and finding:

Listen 0.0.0.0:80

Now, there is a comment above that:

"/var/cpanel/cpanel.config"

There is a line there like so:
apache_port=0.0.0.0:80

Now, I dont' know the inheritance involved with the config files, but I would assume the apache_port in cpanel.config would be of the highest level, and I assume when you make changes to the apache config (in whm) and save, it would pull the values of this file and set them permanently.

There is a note in the cpanel.config that you need to run this script after making changes to save them:

/usr/local/cpanel/whostmgr/bin/whostmgr2 --updatetweaksettings

I'll follow this thread, if you have any luck let me know how it goes.
Does this change the port settings on VirtualHost as well?
 
Last edited:

johnburk

Well-Known Member
Jun 23, 2006
241
0
166
I know this is an old topic, but does cPanel now support Varnish?
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
43
348
somewhere over the rainbow
cPanel Access Level
Root Administrator
The better method to change the port is just to go into WHM > Tweak Settings and change it there over manually editing the configuration file for it. The area in Tweak Settings would be:

Code:
The port on which Apache listens for HTTP connections. 
Specifying a specific IP will prevent Apache from listening on all other IPs. 
(default: 0.0.0.0:80)
There you'll see 0.0.0.0:80 and just changing to the new port would change it for the port Apache listens. Apache Status and other areas don't necessarily update for the change on pre-EDGE (before 11.27+) machines, though.

As for cPanel supporting Varnish, what is meant specifically by support? cPanel would be unable to support a 3rd party product directly that is not part of cPanel / WHM. If instead the question is whether Varnish can be installed onto cPanel successfully, it probably could be installed.

I'll check into it and see how it works. If I am able to provide any details on the results after doing so, I'll post them here.
 

EmptyMind

Registered
PartnerNOC
May 3, 2006
3
0
151
I just setup a quick varnish install on a cpanel box that so far seems to be working. (Not in production yet, so may require a few tweaks in the near future).

The steps I took were: (please excuse the '#'s, I put them in to aid in copy and pasters.)

#install the epel repository as per the instructions at:
#Extra Packages for Enterprise Linux (EPEL) v5 yum repository configuration — Lucid Solutions

#install varnish from the newly added repo
yum install varnish

#use the whm tweak settings to configure apache to listen on "0.0.0.0:8888"

#edit the file /etc/sysconfig/varnish to listen to port 80
#also change the vcl filename from 'default.vcl' to something else which we
#will create/edit in a sec

DAEMON_OPTS="-a :80 \
-T localhost:6082 \
-f /etc/varnish/servername.vcl \
-u varnish -g varnish \
-s file,/var/lib/varnish/varnish_storage.bin,1G"

#there are obviously many options that can be tweaked in this file for #example some common settigns for a BUSY server would be to raise the
#default listeners like so

-p thread_pools=8 \
-p thread_pool_max=5000 \
-p thread_pool_min=100 \
-p thread_pool_add_delay=2 \
-p sess_timeout=60"

#remembering of course to move the " to the end and escape the other line
#with a \ :)
#you could also adjust the size of your 'cache' by raising it above.

#the next step is to go to the /etc/varnish/ directory
#copy the 'default.vcl' file to the 'servername.vcl' that you defined above.
#this is where the 'magic' happens.
#for EACH ip on the server, you should create a 'backend', an 'acl', and an if
#statement in the 'sub vcl_recv'

#note that the names I use are arbitrary, you could name your backend
#'candycane' for all it cares, however, I do know from experience that the
#names don't like having '.'s in them, or starting with a number. :)

#for this example we'll add 2 ip's. 192.168.100.10 and 192.168.100.11. #change these to the actual IP's on your server as appropriate.
#so under the 'backend default' declaration add 2 entries like this:

backend b192_168_100_10 {
.host = "192.168.100.10";
.port = "8888";
}
backend b192_168_100_11 {
.host = "192.168.100.11";
.port = "8888";
}

#good so far, now under those add some acl entries like this:

acl a192_168_100_10 {
"192.168.100.10";
}
acl a192_168_100_11 {
"192.168.100.11";
}

#now we make the glue that pulls those entries together the 'sub vcl_recv'
#there is a commented out entry for one, don't uncomment it just create a
#new one. under the acl's. Which will look like this:

sub vcl_recv {
if (server.ip ~ a192_168_100_10) {
set req.backend = b192.168.100.10;
}
if (server.ip ~ a192_168_100_11) {
set req.backend = b192_168_100_11;
}
}

#so note, multiple 'backend', and 'acl' entries, but only ONE 'sub vcl_recv'
#with multiple entries.

#save the file and restart apache (in case cpanel didn't
#already, but it should have), then startup varnish.

service httpd restart
service varnish start

#you should now be able to access your site, and it will be flying though the
#varnish cache. That being said, there is alot of tuning to be done still. But it
#'works'. :)

#a known 'issue' with this setup will be that the apache logs and therefore
#your stats will show all accesses coming from the varnish server instead of
#the client's actual ip. This is addressed by using an apache module called
#mod_rpaf, which takes the x-forwarded-for header and uses that for logging.
#Installing custom modules into cpanels apache is another post altogether,
#But that should point you in the right direction.

#so there you go, for those that want to try this out, this should get you
#up and onto how to actually tune/configure varnish to actually do
#something useful. Like actually cache pages. :)

James Mackie
EZProvider Networks, Inc.
Fast Hosting: EZP.net
 

quad3datwork

Registered
Jul 2, 2010
2
0
51
Austin, TX
(Sorry for my ignorance)

Hi James,
So you are saying Varnish does not have to deal with virtual domains? I know couple third-party nginx reverse proxy add-ons have to deal with this.
 

EmptyMind

Registered
PartnerNOC
May 3, 2006
3
0
151
Like I said there is plenty of configuration options. And this is just a 'how to get started' post.

This is a one to one mapping of IP's from the front facing varnish to the apache backend. Assuming that you require varnish on a cpanel server, I'd assume that you have the control to assign dedicated IP's to your sites.

Additionally you COULD modify the ACL to do a check for the hostname thats sent over, and redirect the backend that way. But since the backends are only defined by IP and not IP/Host, I think its easier to do it by IP. If I recall from my previous experience thou, that the IP-> IP mapping worked with multiple sites on a shared IP. (I could be wrong, its been a while since i worked on that configuration). Since all varnish does is forward the request through, and cache the result.

Varnish's default cache mechanism appears to be:

sub vcl_hash {
set req.hash += req.url;
set req.hash += req.http.host;
hash;
}

Which indexes the object based on the URL requested and the HOSTNAME that was requested, based on this information, whether the virtualhost has a dedicated, or shared IP, is irrelevant. The reason multiple IP entries are required above is because apache itself is configured to only serve certain websites on certain IP's, so the hostname and requested ip need to match, and those rules allow that to occur.

James Mackie
http://www.EZP.Net
Ezprovider Networks Inc.
 

pricejn2

Member
Nov 6, 2010
7
0
51
Hello all,

I'm working on migrating my sites (~50) to Varnish. I'd like to do some testing on a few sites before transitioning them all. I currently have 4 IPs with a single site assigned its own IP. I'm fairly new to cPanel and Varnish and am struggling to see how to have one site running with Varnish in front of Apache for one site but not all.

Thanks,
-Joe
 

EmptyMind

Registered
PartnerNOC
May 3, 2006
3
0
151
There is a reason that you are struggling.

The configuration modification required to make this happen, is incompatible with cpanel. There is no way for you to tell cpanel to have apache listen on port 8888 for SiteA, But still listen on port 80 for SiteB. You could try manually editing the httpd.conf, but I'd almost guarantee that cpanel will overwrite those changes the next time it updates the file.

The Configuration Required to have this work, is to modify the apache configuration so that it is specifically told WHICH IP/ports to listen on using 'listen' configuration options.

Then add the ip/port combination to the virtualhost entries. With the sites that you want varnish to handle listening on the higher port ('8888' is what I use in my example), and the ones that apache should handle directly on port 80.

As far as I can tell there is no way to tell varnish to listen on multiple specific ips. You get ONE ip, or ALL ip's. So in order to pull this "some with, some without" configuration, you need to setup a separate configuration, and instance, of varnish for each IP you want to have varnish running on.

This of course being on a custom, NON-Cpanel, server. The split port configuration is not supported by cpanel. Your best option would probably be to split your sites across 2 servers/vps's, one with varnish installed, and one without.

James Mackie
http://www.EZP.Net
Ezprovider Networks Inc.
 

pricejn2

Member
Nov 6, 2010
7
0
51
There is no way for you to tell cpanel to have apache listen on port 8888 for SiteA, But still listen on port 80 for SiteB.
Many thanks EmptyMind for confirming this for me.

Your best option would probably be to split your sites across 2 servers/vps's, one with varnish installed, and one without.
I will definitely pursue this route for my larger sites.

Thanks again.
 

NickJ

Member
Jun 16, 2004
9
0
151
Nasik
Dear James,

Indeed, the information you have shared is very helpful but a small correction in "sub vcl_recv" section which baffled me :confused: for sometime as I am not sure about how to record the startup logs for varnish :)
sub vcl_recv {
if (server.ip ~ a192_168_100_10) {
set req.backend = b192.168.100.10;
}
if (server.ip ~ a192_168_100_11) {
set req.backend = b192_168_100_11;
}
}
It should be something like this.
sub vcl_recv {
if (server.ip ~ a192_168_100_10) {
set req.backend = b192_168_100_10;
}
if (server.ip ~ a192_168_100_11) {
set req.backend = b192_168_100_11;
}
}

Thank you once again for sharing the information :)
 

texo

Well-Known Member
Mar 28, 2007
151
6
168
cPanel Access Level
Root Administrator
That sounds interesting, Joe, and I can't wait to try it out. Been waiting quite a few hours for my order to be processed...
 

UNIXy

Well-Known Member
Verifed Vendor
Sep 21, 2009
75
0
56
Houston, Texas, USA
cPanel Access Level
DataCenter Provider
That sounds interesting, Joe, and I can't wait to try it out. Been waiting quite a few hours for my order to be processed...
Hi Texo,

Thank you for signing up. The first batch of licenses are going to be processed early next week. Apologies for the delay.

Best Regards
Joe / UNIXY
 
Status
Not open for further replies.