Varnish Cache has quickly grown to be a popular reverse proxy software for accelerating HTTP requests and caching static and dynamic content. It’s an incredibly powerful way to speed up websites, increase scalability, and reduce server costs. Getting started, however, can be a bit of a headache. Before you dive into the fundamentals of VCL let’s take a quick look at everything you need to know about installing Varnish Cache.
When installing Varnish you have a few options: Install the open-source version yourself, use one of Varnish Software’s paid products which includes support and additional capabilities built on top of Varnish, or deploy Varnish Cache within a Content Delivery solution such as Fastly (running modified Varnish 2.1) or section.io (running 7 versions of Varnish up to 5.1.2).
Below we go through the pros and cons to each solution so you can decide which option will be right for your web application:
Open Source Varnish Cache
Varnish Cache is an excellent open source project with a healthy community around it which is why many websites choose to install the open source version themselves. This has several benefits, the first and for some most important factor being that it is free to download and use. There also may be reasons your organization would prefer to deploy Varnish on-premises rather than in a cloud-based solution. In addition, by using the open-source version you’ll always have the option to self-update to the newest Varnish version. Varnish is currently on version 5.1.2 and supports versions 4.0 and above with 4.1 being the current stable release. By using the open source Varnish you can always rely on the Varnish Cache documentation, Varnish Software documentation, and Varnish community. You will also know exactly what VCL you are using and don’t have to worry about modifications which will make it more difficult to use these open source resources.
However, despite being free this option does come with associated costs. These include the costs host your own Varnish server and costs around using significant developer resource to set up and maintain the Varnish server. In addition, because Varnish Cache out-of-the-box does not include user friendly monitoring and metrics tools, you will likely need to spend resource setting up your own logging and alerting system to track the performance of Varnish and alert you if something goes down. It can also be quite complex managing Varnish-specific setup issues such as the SSL termination needed to use Varnish with HTTPS.
Another downside of installing Varnish yourself is the lack of structured support. While you have access to the Varnish Cache community you will not have immediate access to a designated support team who can answer questions or assist you while you are learning VCL or troubleshooting issues.
Varnish Software is the commercial arm of Varnish Cache and the company offers several paid services built on top of the open source Varnish Cache. These include their core product Varnish Plus, Varnish Plus Cloud which deploys Varnish Plus on cloud infrastructure, and Varnish API Engine for API management. Varnish Software also offers Varnish Extend, a type of Content Delivery Network which is discussed in the next section.
Varnish Plus is useful for your organization if you are looking for additional Varnish modules and configurations and professional support offered by Varnish Software. Varnish Software can also handle SSL/TLS termination for you and provides an administration console. This can be a good option if you are looking to deploy Varnish on-premises but want a better interface to work with than the bare VCL, need support, or have an advanced use-case.
The downside of these solutions is that they can be prohibitively expensive, and some support levels offer just 20 support requests/year. The plans start at $31,000 for a three node cluster and go up based on needs and additional features.
Content Delivery Network
The final option is to deploy Varnish Cache globally using a Content Delivery Network. CDNs consist of two layers - the DNS layer which routes requests to the server closest to the user, and the reverse proxy layer which includes software such as Varnish Cache or other caching reverse proxies, web application firewalls, bot blockers, and more. Most traditional CDNs offer older caching proxies like Nginx or Squid, but there are a few CDNs which base their caching on Varnish.
As mentioned above, Varnish Software has a Content Delivery Network “Varnish Extend” which is described as a self-assembled CDN. Varnish Extend provides traffic management through Cdexis and instructions on setting up a custom CDN. This custom CDN could be a hybrid of commercial CDNs and private servers, a private CDN, or use Varnish as an origin shield.
This option allows you to create a CDN specific to your needs, however this will require a large amount of ongoing work to set up and maintain, and Varnish Extend does not assist you with the actual implementation. In addition, Varnish Extend only deploys Varnish as a reverse proxy and applications would need to separately configure other reverse proxies such as WAFs. Therefore Varnish Extend is only applicable for very large enterprises who want to build a custom CDN using Varnish Cache and get support directly from Varnish.
Fastly is a newer Content Delivery Network which is based on Varnish Cache 2.1. Fastly uses a modified version of Varnish Cache for caching static and dynamic content and also offers a rules-based WAF. Fastly also includes metrics, logs, varying levels of support and SSL/TLS certificates at an additional cost to their monthly fee.
While Fastly takes advantage of the speed of Varnish, it can be difficult to fully configure and test Fastly’s modified VCL without paying their professional services team for assistance. Because the VCL is modified, the open source documentation and community may not be able to assist you in configurations. Fastly does offer a rules-based WAF but does not have the advanced security solutions that other CDNs offer.
section.io is a flexible Content Delivery Grid which offers users a choice of 7 unmodified Varnish Cache versions including the latest release 5.1.2. section.io also includes ELK Stack logs, robust Grafana metrics, free SSL/TLS certificates and certificate management, and a local Developer PoP for testing the full Varnish and content delivery setup before pushing to production. By testing the full Varnish configuration locally, section.io users can cache more content without the risk of broken caching or session leakage.
section.io gives developers full control over their Varnish configuration, so they are able to edit VCL directly to get the best possible performance out of Varnish or get assistance from the section.io support team. section.io is also unique for content delivery solutions in that it allows users to deploy Varnish Cache on the section.io global PoP network, on a private PoP network, or on-premises with all of the DevOps tools section.io’s platform provides.
Choosing the Right Solution for You
When choosing the Varnish Cache deployment mode that is right for your application you should consider costs (including cost to maintain and set up the open source version), ease of use, accessibility to logs and metrics, and the type of support you think will work best for your development team.
Writing custom Varnish Cache configurations involves learning VCL and continually tuning your VCL setup to get the best cache performance. For small organizations with fewer developer resources, a solution that provides guidance on VCL and access to Varnish experts may be preferable to an open source installation.
Applications that serve global audiences will benefit from a global deployment of Varnish rather than a single Varnish node installed in one location. Utilizing a CDN with Varnish will allow them to get the fast performance of Varnish’s caching combined with additional speed that comes with reducing the distance content needs to travel to users.
Above all you should choose a solution which can adapt to your needs, gives you full control over your configuration, and allows you to test VCL before it goes to production. Many websites do not take advantage of the full power of Varnish because they do not have the power to edit VCL and have no way of testing the full Varnish configuration before going to production. This often leads to websites not utilizing the dynamic caching features Varnish is known for out of fear that this caching will break in production. We strongly recommend using a tool like section.io’s Developer PoP to test Varnish before it goes to production.
To learn more about how to get started with Varnish Cache, including writing Varnish Configuration Language to cache content for your application please download the full Varnish Cache Guide. If you have specific questions about Varnish Cache and VCL check out our community forum or contact us at firstname.lastname@example.org and one of our Varnish experts would be happy to help you.