1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Install Varnish with Plesk 10.3

Discussion in 'Plesk 10.x for Linux Issues, Fixes, How-To' started by RaphaëlD, Nov 22, 2011.

  1. RaphaëlD

    RaphaëlD New Pleskian

    12
    60%
    Joined:
    Nov 22, 2011
    Messages:
    4
    Likes Received:
    0
    Hello,

    I have a dedicated server with Plesk 10.3 in ubuntu 11.04

    I try to install Varnish as HTTP Accelerator.

    1) I managed to change the default port for apache: http://kb.parallels.com/11232
    2) I followed a tutorial to install varnish: http://www.euperia.com/linux/setting-up-varnish-with-apache-tutorial

    3) When I try to access my site (I have only one vhost currently), the site m'affiche the famous "IT works" Apache instead of my current site. I think my vhost does not listen to the correct port.

    Does anyone have an idea of ​​configurations to accommodate Varnish with Plesk?

    Thank you for your assistance to come.
     
  2. RaphaëlD

    RaphaëlD New Pleskian

    12
    60%
    Joined:
    Nov 22, 2011
    Messages:
    4
    Likes Received:
    0
    I continued to work on Varnish + Plesk ... but it still does not work.

    1) I changed the port for apache in plesk General

    # mysql -uadmin -p`cat /etc/psa/.psa.shadow` -D psa -e'replace into misc (param, val) values ("http_port", 8008)'

    1.1) I rebuild the server conf

    # /usr/local/psa/admin/bin/httpdmng --reconfigure-all


    2) I changed the apache conf files (if those were not taking full plesk top)

    vim /etc/apache2/ports.conf

    NameVirtualHost *:8008
    Listen 8008

    2.1) I do the same with `/etc/apache2/sites-enables/000-default`

    3) I changed the port of my vhost (a single server)

    vim /var/www/vhosts/MYDOMAIN.COM/conf/XXXXXXXXX.http.include

    Replace the port 80 by this I want.

    Rebuild the vhost conf

    /usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=<domain_name>
    with <domain_name> without www

    (See my issue in serverfault: http://serverfault.com/questions/333652/edit-vhost-port-in-plesk-10-3 )

    4) I installed varnish by following this tutorial : http://www.euperia.com/linux/setting-up-varnish-with-apache-tutorial

    5) I restart apache 2 + varnish

    service apache2 restart
    service varnish restart

    When I go to my site, I come across a page of apache

    It works!

    This is the default web page for this server.

    The web server software is running but no content has been added, yet.

    Can somebody help me ?

    This means that my vhost does not point to the right place.
    Why? What to do? How?
     
  3. ArduinoP

    ArduinoP Guest

    0
     
    Hello,


    i'm having similar issue on my server. Right now i'have this configuration:

    Varnish default.vlc:

    backend default {
    .host = "domain1.it";
    .port = "8080";

    }

    (where domain1.it is one of my domain)

    Apache
    Listen 8080

    Servers IP example: 1.1.1.1 - 1.1.1.2 - 1.1.1.3

    domain1 is on IP 1.1.1.3 and it's resolving well on port 80 with varnish.

    Then i have other 20 websites that are located on 1.1.1.1 or 1.1.1.2 that are showing Plesk default page right now, but they're loading on port 8080.

    I've tryed adding this second backend:

    backend domain2 {
    .host = "127.0.0.1";
    .port = "8080";
    }
    sub vcl_recv {
    if (req.http.host == "domain2.it") {
    #You will need the following line only if your backend has multiple virtual host names
    set req.http.host = "domain2.it";
    set req.backend = domain2;
    return (lookup);
    }
    }


    with no luck yet, i've looked at vhost.conf of all my domains and all of them are to run on port 8080, but i can't understand why only 1 domain is loading correctly on port 80 and all other are on port 8080.

    Hope someone could help.

    Regards in advance. :)
     
    Last edited by a moderator: Feb 17, 2012
  4. ArduinoP

    ArduinoP Guest

    0
     
    So i'm moving all my website to IP releated to domain1.it as this is the only IP that make pages load normally. Don't ask me why 'cause i've no idea, i would have prefered to have websites on different IPs but this actually seems to be impossibile with varnish...
     
  5. nevakee

    nevakee Basic Pleskian

    19
    60%
    Joined:
    Dec 12, 2010
    Messages:
    61
    Likes Received:
    0
    I've solved it with iptables.
    Apache run normally on port 80 and varnish on port 8080 for example.

    /etc/varnish/default.vcl:
     
  6. ArduinoP

    ArduinoP Guest

    0
     
    So this is working also for more than 1 IP?

    edit: you just setup default backend with 1 random ip associated with your server, right?
     
  7. nevakee

    nevakee Basic Pleskian

    19
    60%
    Joined:
    Dec 12, 2010
    Messages:
    61
    Likes Received:
    0
    This is for more than 1 IP.

    Is not the best solution but it works.
     
  8. Frater

    Frater Regular Pleskian

    18
     
    Joined:
    Oct 17, 2011
    Messages:
    173
    Likes Received:
    3
    Yes Nevakee, I did it that way as well....

    To automate it I have automated is using this script.
    Now you can stop the server and it will go directly to Apache.
    I'm using this approach as well for pound and assp (smtp-proxy)



    Code:
    #! /bin/sh
    
    ### BEGIN INIT INFO
    # Provides:          varnish
    # Required-Start:    $local_fs $remote_fs $network
    # Required-Stop:     $local_fs $remote_fs $network
    # Default-Start:     2 3 4 5
    # Default-Stop:      0 1 6
    # Short-Description: Start HTTP accelerator
    # Description:       This script provides a server-side cache
    #                    to be run in front of a httpd and should
    #                    listen on port 80 on a properly configured
    #                    system
    ### END INIT INFO
    
    # Source function library
    . /lib/lsb/init-functions
    
    NAME=varnishd
    DESC="HTTP accelerator"
    PATH=/sbin:/bin:/usr/sbin:/usr/bin
    DAEMON=/usr/sbin/varnishd
    PIDFILE=/var/run/$NAME.pid
    
    test -x $DAEMON || exit 0
    
    #################################################### iptables modification
    # if varnish should redirect port 80
    REDIRECT=1
    ht=`echo -e '\011'` # codify horizontal tab
    IPLIST=`mktemp`
    
    getiplist ()
    {
      SRVPORT=$1
      echo -n '' >${IPLIST}
      if [ ! -z "${SRVPORT}" ] ; then
        # get IP's varnish is listening to (no localhost)
        netstat -lntp | grep 'tcp ' | egrep -o "[0-9.]+:${SRVPORT}" | grep -v '^127\.'  | awk -F: '{print $1}' >${IPLIST}
        # if it is listening to all interfaces (0.0.0.0) then get the ipv4 interfacelist
        grep -q '0\.0\.0\.0' ${IPLIST} && ifconfig | egrep -o 'inet addr:[0-9.]+' | awk -F: '{print $2}' | grep -v '^127\.' >${IPLIST}
      fi
    }
    
    ins_ipt_rule ()
    {
            echo "Check if ports need to be translated"
            while read IP ; do
                    # check if rule isn't yet present
                    if ! iptables-save | grep PREROUTING | grep "${IP}" | grep 'dport 80' | grep -q "${VARNISH_PORT}" ; then
                            echo "Traffic going to ${IP}:80 will be translated to ${IP}:${VARNISH_PORT}"
                            iptables -t nat -A PREROUTING -d ${IP} -p tcp -m tcp --dport 80 -j DNAT --to-destination ${IP}:${VARNISH_PORT}
                    fi
            done < ${IPLIST}
    }
    
    del_ipt_rule ()
    {
            echo "Check if port translations need to be deleted"
            while read IP ; do
                    # check if rule is present
                    if iptables-save | grep PREROUTING | grep "${IP}" | grep 'dport 80' | grep -q "${VARNISH_PORT}" ; then
                            echo "Traffic going to ${IP}:80 will NOT be translated anymore to ${IP}:${VARNISH_PORT}"
                            iptables -t nat -D PREROUTING -d ${IP} -p tcp -m tcp --dport 80 -j DNAT --to-destination ${IP}:${VARNISH_PORT}
                    fi
            done < ${IPLIST}
    }
    
    ################################################### end
    
    # Include varnish defaults if available
    if [ -f /etc/default/varnish ] ; then
            . /etc/default/varnish
    fi
    
    VARNISH_PORT=`echo "${DAEMON_OPTS}" | grep -o '\-a [a-z0-9.]*:.* ' | awk -F: '{print $2}' | awk '{print $1}'`
    # if VARNISH_LISTEN_PORT is used in /etc/default/varnish it will take precedence
    VARNISH_PORT=${VARNISH_PORT:=${VARNISH_LISTEN_PORT}}
    
    
    # Open files (usually 1024, which is way too small for varnish)
    ulimit -n ${NFILES:-131072}
    
    # Maxiumum locked memory size for shared memory log
    ulimit -l ${MEMLOCK:-82000}
    
    # If $DAEMON_OPTS is not set at all in /etc/default/varnish, use minimal useful
    # defaults (Backend at localhost:8080, a common place to put a locally
    # installed application server.)
    DAEMON_OPTS=${DAEMON_OPTS:--b localhost}
    
    # Ensure we have a PATH
    export PATH="${PATH:+$PATH:}/usr/sbin:/usr/bin:/sbin:/bin"
    
    start_varnishd() {
        log_daemon_msg "Starting $DESC" "$NAME"
        output=$(/bin/tempfile -s.varnish)
        if start-stop-daemon \
            --start --quiet --pidfile ${PIDFILE} --exec ${DAEMON} -- \
            -P ${PIDFILE} ${DAEMON_OPTS} > ${output} 2>&1; then
            log_end_msg 0
            if [ ${REDIRECT} -ne 0 ] && [ ! -z "${VARNISH_PORT}" ] ; then
                    sleep 1                                 # Wait for Varnish to settle
                    getiplist "${VARNISH_PORT}"
                    ins_ipt_rule
            elif [ ${REDIRECT} -ne 0 ] ; then
                    echo "Could not detect port on which Varnish is running"
            fi
        else
            log_end_msg 1
            cat $output
            exit 1
        fi
        rm $output
    }
    
    disabled_varnishd() {
        log_daemon_msg "Not starting $DESC" "$NAME"
        log_progress_msg "disabled in /etc/default/varnish"
        log_end_msg 0
    }
    
    stop_varnishd() {
        log_daemon_msg "Stopping $DESC" "$NAME"
        if [ ${REDIRECT} -ne 0 ] && [ ! -z "${VARNISH_PORT}" ] ; then
            getiplist ${VARNISH_PORT}
        elif [ ${REDIRECT} -ne 0 ] ; then
            echo "Could not detect port on which Varnish is running"
        fi
        if start-stop-daemon \
            --stop --quiet --pidfile $PIDFILE --retry 10 \
            --exec $DAEMON; then
            log_end_msg 0
            del_ipt_rule
        else
            log_end_msg 1
        fi
    }
    
    reload_varnishd() {
        log_daemon_msg "Reloading $DESC" "$NAME"
        if /usr/share/varnish/reload-vcl -q; then
            log_end_msg 0
        else
            log_end_msg 1
        fi
    }
    
    status_varnishd() {
        status_of_proc -p "${PIDFILE}" "${DAEMON}" "${NAME}"
    }
    
    case "$1" in
        start)
            case "${START:-}" in
                [Yy]es|[Yy]|1|[Tt]|[Tt]rue)
                    start_varnishd
                    ;;
                *)
                    disabled_varnishd
                    ;;
            esac
            ;;
        stop)
            stop_varnishd
            ;;
        reload)
            reload_varnishd
            ;;
        status)
            status_varnishd
            ;;
        restart|force-reload)
            $0 stop
            sleep 2
            $0 start
            ;;
        *)
            log_success_msg "Usage: $0 {start|stop|restart|force-reload}"
            exit 1
            ;;
    esac
    
    [ -f ${IPLIST} ] && rm -f ${IPLIST}
    
    exit 0
    
     
  9. ArduinoP

    ArduinoP Guest

    0
     
    Thanks for helping. :)

    Yes actually this is not really the best solution, but as it's working then is ok. :)
     
  10. ArduinoP

    ArduinoP Guest

    0
     
    Hi,

    so i got this config now:

    Apache:
    Listen 8080

    /etc/varnish/default.vcl:
    backend default {
    .host = "domain1.it";
    .port = "8080";

    }

    /etc/sysconfig/varnish:
    ## Alternative 3, Advanced configuration
    #
    # See varnishd(1) for more information.
    #
    # # Main configuration file. You probably want to change it :)
    VARNISH_VCL_CONF=/etc/varnish/default.vcl
    #
    # # Default address and port to bind to
    # # Blank address means all IPv4 and IPv6 interfaces, otherwise specify
    # # a host name, an IPv4 dotted quad, or an IPv6 address in brackets.
    #VARNISH_LISTEN_ADDRESS=
    VARNISH_LISTEN_PORT=80

    iptables -I PREROUTING -t nat -i eth0 -d 1.1.1.2 -p tcp --dport 80 -j DNAT --to-destination 1.1.1.2:8080

    Issue is now that websites on 1.1.1.2 is taking like 10seconds to open because of the redirect, does this happening only to me? I've also tryed to add backend like domain2.it on both port 80 and 8080 but this didn't change the situation. Testing with PingDom tools it just take ages to resolve dns, then files charging is fast. :(

    All the websites on domain1.it IP are resolving fast like hell and using varnish with no problem at all. :)

    Thanks in advance. :)



    edit: seems working just fine now without editing any configuration o_O

    Thanks again nevakee!
     
    Last edited by a moderator: Feb 18, 2012
  11. nevakee

    nevakee Basic Pleskian

    19
    60%
    Joined:
    Dec 12, 2010
    Messages:
    61
    Likes Received:
    0

    This is also the meaning of the iptables rule. :)
    The apache2 configuration must not be changed.
     
    Last edited: Feb 18, 2012
  12. Prinny

    Prinny Guest

    0
     
    Correct me if I'm wrong, but wouldn't ArduinoP's settings bypass Varnish entirely? If Apache is listening on 8080 and he's redirecting all port 80 traffic to 8080, then Varnish wouldn't even see any of it. If that's the case, then he's simply serving pages from Apache while Varnish runs in the background taking up resources.
     
  13. ArduinoP

    ArduinoP Guest

    0
     
    well actually page loading time dropped from 4-5seconds to 900ms... :D
     
  14. Frater

    Frater Regular Pleskian

    18
     
    Joined:
    Oct 17, 2011
    Messages:
    173
    Likes Received:
    3
    One should also change how Apache logs otherwise it will log all traffic as if it was coming from the server itself....

    I wrote a sort of "Howto" which I had to follow myself just recently after installing 2 new plesk servers...
    I did have difficulty following it, because I'm only putting 'diff' statements where files need to be edited, but there weren't any faults there...

    So, if you want proper logging (with the original IP-addresses instead of the same) you need to check this:

    http://forum.parallels.com/showthread.php?p=556864#post556864


    If someone wants to write a better HowTo, please do
     
  15. ArduinoP

    ArduinoP Guest

    0
     
    did you tryed with mod_rpaf?
     
  16. Frater

    Frater Regular Pleskian

    18
     
    Joined:
    Oct 17, 2011
    Messages:
    173
    Likes Received:
    3
    I didn't know about that mod..
    I just reversed my modification and installed mod_rpaf which turns out was in ubuntu's repo

    reverse my own mod
    Code:
    mv /opt/psa/admin/conf/templates/custom /opt/
    /opt/psa/admin/sbin/httpdmng --reconfigure-all
    Installed mod_rpaf and edited /etc/apache2/mods-available/rpaf.conf (add my proxy IP)
    Code:
    apt-get install libapache2-mod-rpaf
    vi /etc/apache2/mods-available/rpaf.conf
    /etc/init.d/apache2 restart
    I did a short test and found out it worked for access_log, but not for error_log :-(
    My solution does work for both files, but this one is much less intrusive....
    And it will (probably) not get confused if I turn off the reverse-proxy and someone connects with a forward-proxy.
    In that case I don't want to detect the original IP (as it can be faked) and am merely interested in the IP of that foreign forward-proxy.
     
    Last edited: Mar 3, 2012
  17. ArduinoP

    ArduinoP Guest

    0
     
    Is there a way to get plesk update working? Right now i got repo error because of varnish installation... :(
     
  18. KristianM

    KristianM Regular Pleskian

    22
    40%
    Joined:
    Jul 17, 2011
    Messages:
    227
    Likes Received:
    10
    Location:
    Augsburg, Germany
    Hi,

    what does your default.vcl look like for this case?

    Thanks
    Kristian
     
  19. nevakee

    nevakee Basic Pleskian

    19
    60%
    Joined:
    Dec 12, 2010
    Messages:
    61
    Likes Received:
    0
    File: /etc/varnish/default.vcl
     
  20. sosbilisim

    sosbilisim Basic Pleskian

    26
    23%
    Joined:
    May 25, 2007
    Messages:
    55
    Likes Received:
    0
    I'm not use plesk 10 but I use plesk 11

    worked with iptables rule to varnish work great but i have a problem with multiple ip with varnish backend.

    I use default configuration for varnish then i added my second ip to varnish backend varnish cant start. say failed and not working
     
Loading...