Microsoft Azure

Deploying Varnish Cloud instance

Azure Marketplace

Choose a Varnish Software product from the Azure Marketplace.
Click “Get it now”.
Select your preferred Linux distribution and click “Continue” to open the Azure Portal.

Azure Portal

Log into your account on the Azure Portal.
Go to “Virtual machines” in the left menu.
Click “Browse all public and private images” and search for “Varnish Software” where you’ll see a list of our products.
Choose a product and fill out the following:
- Basics:
  - Create a new resourcegroup or use an existing one.
  - Type a name for your instance.
  - Select your region.
  - Choose a size.
  - Varnish Enterprise is memory-intensive, so we recommend choosing an instance size that suits your application. You can choose the default or click “Change size” to use another size.
  - We recommend to use the authentication type, “SSH public key”.
  - Enter a username for the instance. Don’t use “varnish” as a username, as it is used by Varnish Software. Your login will fail if you do so!
  - Paste in your SSH public key.
  - Click “Next: Disk”.
- Disks:
  - This should already be filled in, but feel free to modify it to your needs.
  - Click “Next: Networking”.
- Networking:
  - This should already be filled in, but feel free to modify it to your needs.
  - Click “Next: Management”.
- Management:
  - This should already be filled in, but feel free to modify it to your needs.
  - Click “Review + create”.
- Review + create:
  - Review your summary and click “Create”.

Your Varnish Software instance is up and running! Now tune up your configuration and start enjoying the product benefits.

Configuring your Varnish Cloud instance

Connecting

For Windows SSH client, you can use Putty.

For Linux and Mac users, you can use your favorite SSH client.

For more info on how to access your Linux instance:

Basic configuration

The configuration files are located in different places based on what kind of VMs you are running; Varnish Custom Statistics (VCS) or Varnish Enterprise 6 (VE6).

We’ll cover configuration basics, but for more details and advanced configuration possibilities, refer to these materials:

Varnish Cache and Varnish Enterprise

The enterprise version of Varnish Cache, VE6, contains easy-to-use improvements and performance enhancements, additional functionality such as the Varnish Massive Storage Engine (MSE), Varnish High Availability (VHA), and SSL/TLS backend support. VE6 customers can enable front-end SSL/TLS by using Varnish Plus Add-on SSL (Hitch), which is included with the image.

By default, the varnishd process should be running on TCP 80 and 8443 and Hitch will be running on port 443.

Default VCL configuration
- /etc/varnish/default.vcl

Parameter tuning

The default settings in your Varnish instance suit most users, but we advise you to take a look and update the configuration according to your own needs. Our documentation site has a reference section with the available runtime options. This will help you to properly configure your Varnish process.

To check out system parameters, run this command:

sudo systemctl cat varnish.service

To change the runtime options, input the following command on your Varnish instance to override the default values:

sudo systemctl edit varnish.service

Edit, as needed, and save the file. Now restart Varnish, by running the following command:

sudo systemctl restart varnish.service

Note: You can do the same for hitch.service

Varnish Custom Statistics (VCS)

VCS should run out of the box without any additional effort.

Red Hat
- /etc/varnish/vstatd.params
Ubuntu
- /etc/default/vstatd

Testing Varnish Cloud instance

Varnish Custom Statistics

To verify that VCS is running, point your browser to the hostname/ip address to the TCP 6555 port. You should see the dashboard without any authentication.

Varnish Cache and Varnish Enterprise

In both VC and VE instances, there should be two varnishd processes running out of the box when you SSH to the instances to verify the process table. Or you can verify the process status by pointing your browser to http://[ip-address] or https://[ip-address] where you’ll see a welcome page.

Congratulations! Your varnishd is now running nicely. You can assign a running web server backend to the default VCL configuration by editing /etc/varnish/default.vcl.

If you don’t see a welcome page, the process is not running, which might mean you don’t have port 80 and 443 open to the instance.

If you login to the instance with SSH, check your Varnish status with this command (and get the following output):

terminal$ sudo systemctl status varnish.service
 varnish.service - Varnish Cache, a high-performance HTTP accelerator
   Loaded: loaded (/lib/systemd/system/varnish.service; enabled; vendor preset: enabled)
  Drop-In: /etc/systemd/system/varnish.service.d
           └─override.conf
   Active: active (running) since Mon 2020-05-04 14:19:24 UTC; 3min 39s ago
  Process: 9904 ExecStart=/usr/sbin/varnishd -a :80 -a 127.0.0.1:8443,proxy -S /etc/varnish/secret -T localhost:6082 -f /etc/varnish/default.vcl -s malloc,256m (code=exited, status=0/SUCCESS)
 Main PID: 9919 (varnishd)
    Tasks: 217
   CGroup: /system.slice/varnish.service
           ├─9919 /usr/sbin/varnishd -a :80 -a 127.0.0.1:8443,proxy -S /etc/varnish/secret -T localhost:6082 -f /etc/varnish/default.vcl -s malloc,256m
           └─9938 /usr/sbin/varnishd -a :80 -a 127.0.0.1:8443,proxy -S /etc/varnish/secret -T localhost:6082 -f /etc/varnish/default.vcl -s malloc,256m

May 04 14:19:23 ip-10-0-1-88 systemd[1]: Stopped Varnish Cache, a high-performance HTTP accelerator.
May 04 14:19:23 ip-10-0-1-88 systemd[1]: Starting Varnish Cache, a high-performance HTTP accelerator...
May 04 14:19:24 ip-10-0-1-88 varnishd[9904]: Debug: Version: varnish-6.0.6 revision 29a1a8243dbef3d973aec28dc90403188c1dc8e7
May 04 14:19:24 ip-10-0-1-88 varnishd[9919]: Version: varnish-6.0.6 revision 29a1a8243dbef3d973aec28dc90403188c1dc8e7
May 04 14:19:24 ip-10-0-1-88 varnishd[9904]: Debug: Platform: Linux,4.15.0-1065-aws,x86_64,-junix,-smalloc,-sdefault,-hcritbit
May 04 14:19:24 ip-10-0-1-88 varnishd[9919]: Platform: Linux,4.15.0-1065-aws,x86_64,-junix,-smalloc,-sdefault,-hcritbit
May 04 14:19:24 ip-10-0-1-88 varnishd[9904]: Debug: Child (9938) Started
May 04 14:19:24 ip-10-0-1-88 varnishd[9919]: Child (9938) Started
May 04 14:19:24 ip-10-0-1-88 varnishd[9919]: Child (9938) said Child starts
May 04 14:19:24 ip-10-0-1-88 systemd[1]: Started Varnish Cache, a high-performance HTTP accelerator.

To show the processes and what port they are listening to, you can use netstat. Hitch should listen on port 443 and varnishd should listen on port 80, 8443 and 6082:

terminal$ netstat -peanut
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      0          45162      9919/varnishd
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      101        15837      653/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      0          19211      978/sshd
tcp        0      0 127.0.0.1:8443          0.0.0.0:*               LISTEN      0          45164      9919/varnishd
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      0          19342      992/hitch
tcp        0      0 127.0.0.1:6082          0.0.0.0:*               LISTEN      0          45187      9919/varnishd
tcp        0    356 10.0.1.88:22            46.9.119.82:52976       ESTABLISHED 0          25997      2291/sshd: ubuntu [
tcp6       0      0 :::80                   :::*                    LISTEN      0          45163      9919/varnishd
tcp6       0      0 :::22                   :::*                    LISTEN      0          19222      978/sshd
tcp6       0      0 :::443                  :::*                    LISTEN      0          19343      992/hitch
udp        0      0 127.0.0.53:53           0.0.0.0:*                           101        15836      653/systemd-resolve
udp        0      0 10.0.1.88:68            0.0.0.0:*                           100        46003      638/systemd-network

Next steps:

Configure a location of a web server backend. SSH to the instance and edit /etc/varnish/default.vcl. Add a backend and define your VCL caching rules:
```
terminal$ sudo vi /etc/varnish/default.vcl
```
Restart varnishd service to activate the current configuration:
```
terminal$ sudo systemctl restart varnish.service
```
Update your site’s DNS record to be a hostname/ip address of the running Varnish Cache or Varnish Enterprise instances. After making changes in the DNS record (allowing for DNS ttl expiry), traffic will start coming to this instance.

For more advanced features and usage, refer to the following documentation:

Varnish Enterprise

Contact the Varnish Software cloud team if your instance is not running as expected. We’re eager to help you to fix your issue as soon as possible!

Customers who purchase VE, VCS, or VE VM images through Microsoft Azure are eligible for Varnish Cloud support and software updates provided by the Varnish Software engineering team. To contact support, submit the Varnish Cloud support activation form.

What’s next?

Visit After Configuration for more info about what you can do with Varnish Cloud products.