We have by far the largest RPM repository with NGINX module packages and VMODs for Varnish. If you want to install NGINX, Varnish, and lots of useful performance/security software with smooth
Active subscription is required.
yum upgrades for production use, this is the repository for you.
Active subscription is required.
Use our up-to-date, bug-free, time tested, and proactively developed version of Varnish VCL for Magento 2.
Requirements
Varnish 4.x
The supported Varnish version is 4.x.
SSL offload header
Magento 2 changed the default SSL offload header. Version 2.0 used SSL_OFFLOADED while the latter use X-Forwarded-Proto.
If you were upgrading versions, you might still have the old value. To ensure the correct value, set it via CLI:
bin/magento config:set --lock-config web/secure/offloader_header X-Forwarded-Proto
This will preserve the correct value in the file app/etc/config.php as opposed to the database.
Correct Magento/NGINX configuration
Magento must be configured with pub directory of your Magento as the root directive in NGINX.
Wrong
root /srv/www/example.com;
Correct
root /srv/www/example.com/pub;
Subsequently, the base URL should not include /pub/ at all.
This is the most secure setup, as only files under pub will be web-accessible.
The key differences from the default Magento VCL:
- Microcache for search results
- Clearing cache for a specific store (you need to amend changes to the core as per this ticket for this)
- Proper health check URI (deals with a stupid issue that was, of course, never dealt with by Magento team)
Tontsa
Does this configuration already have all traffic re-directed to our SSL-termination proxy?
I have previously used this kind of redirecting rules in my configuration:
Do I need to add this to the file, or does it have something similar already implemented?
Danila Vershinin
Hi Tontsa,
Yes, you would still need to add code similar to the one you posted for SSL redirects.
However, it is not needed if you set Magento base URLs to start with
https://. In that case Magento will do the redirects and Varnish will cache them.DD Bear
What are the differences/advantages between this VCL and the one that is generated from the Magento 2.1 Admin?
Danila Vershinin
The VCL here will cache search results for 30 minutes whereas default Magento VCL will not.
Hubertus
Hello Danila,
i have a question regarding magento 2 and varrnish caching:
I configured it and it works fine so far.
Now we know that google wants to have us website owners to deliver the whole website in secure https to get better ranking (and in general its a good idea 🙂 ) .
Is then the whole varnish cache ineffective because all of the data stream is secure and not directed to the varnish cache but to hitch?
Danila Vershinin
Hi Hubertus,
Varnish will stay effective in a Hitch + Varnish setup.
As long as you configure things in a way that traffic flows through Varnish – you are fine.
In a typical setup, that is the case. Example :
* An SSL terminator (be it Hitch, or nginx, or anything else) at port 443, “forwarding” (proxying) traffic to Varnish at port 80
* Varnish listening at port 80, forwarding traffic to backend at e.g. port 8080
* The backend (Apache, nginx, whatever) at port 8080.
Hubertus
Ok, thank you!
Odz
Hi,
I am getting 502 Gateway time out error, while using this vcl, Can you please guide me what I did wrong?
Danila Vershinin
That error is coming from NGINX. So you should be checking its error log. Gateway timeout likely means that PHP processing is too slow.
code_bucket
Hi, while using this VCL, my page content doesn’t display correctly. I only get the full page after refreshing the page 4-5 time. Do you have any clue on what’s happening here? Once I turn off Varnish, the site works fine.
Danila Vershinin
My first guess would be that the Magento is running with either
developerordefaultmode wherein static assets are generated “upon on access”.That would cause heavy server load even from access to a single page and subsequently exceeding some defined timeouts.
Make sure your Magento is running in production mode?
Figo
Is the above vcl templates still valide for varnish6, generated from magento 2.4? If no, could the above be upgraded please.
Thanks
secaliskan
Hi Danila, I guess you are very busy but can you please rearrange the VCL for Varnish 6.X? Since varnish 4.X is quite old we can not install
Danila Vershinin
Guys, don’t know your specific reason for using Varnish 6, but Varnish 4 isn’t “dead” to me yet.
Sure, Varnish 4 is EOL but some features has been made commercial in Varnish 6 (example Varnish Agent),
and Magento 2 never dropped support for Varnish 4 even in its VCL generation code.
And if they ever do, it doesn’t matter – all it needs is for a caching proxy cache that supports ESI (Varnish just happens to be one that is well known).
As far as Varnish 6 config, the standard one can be generated through the command line via
bin/magento varnish:vcl:generate.And the better plan for the improved config above (for both Varnish 4 and 6) would be developing a new command that generates VCL in a similar fashion but the resulting VCL will have the right stuff / fixes above.
Anyone wishing this to happen, vote/comment on a ticket on the extras n98-magerun2 commands repo. This would help to set priorities.