varnish on plesk for subdomain

0
votes

I know I am adding too much information in the question but please bear with me.

We have our site running over domain say for e.g. - domain1.com having ip say for e.g. - 192.168.1.25. Now, we got another server running over IP say for e.g. 192.168.1.26 having plesk panel 12.5.30. Please note, we have not pointed our domain - domain1.com to 192.168.1.26 as we would like to keep it private until we setup everything and ready to start working as production. We have setup our domain in plesk panel with domain1.com and created staging.domain1.com as subdomain.

We modified hosts files on our local machine to point staging.domain1.com to 192.168.1.26 so we are able to access our website from new server while main domain - domain1.com is still running over 192.168.1.25 and we are able to access as domain1.com

Basically, we are setting up staging environment over 192.168.1.26 IP. We do have CentOS 6 running over new staging domain and we enabled firewall rules to run website on certain IPs in plesk panel.

We want to configure varnish over new server and we installed it. [We have already upvoted for varnish request in plesk forum.] On plesk, we do have apache running over port 7080 & nginx running over port 80.

> netstat -ntlp | grep -w 80
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      29795/nginx         
tcp        0      0 :::80                       :::*                        LISTEN      29795/nginx         

> netstat -ntlp | grep -w 7080
tcp        0      0 0.0.0.0:7080                0.0.0.0:*                   LISTEN      10161/httpd

We setup A record as 192.168.1.26 - staging.domain1.com to our DNS and we are getting correct IP on staging domain. We set /etc/varnish/default.vcl file as below:

backend default {
  .host = "192.168.1.26";
  .port = "80";
}

backend admin {
  .host = "192.168.1.26";
  .port = "80";
  .first_byte_timeout = 18000s;
  .between_bytes_timeout = 18000s;
}

sub vcl_recv {
    if (req.restarts == 0) {
        if (req.http.x-forwarded-for) {
            set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + cl$
        } else {
            set req.http.X-Forwarded-For = client.ip;
        }
    }
    if (req.request != "GET" &&
        req.request != "HEAD" &&
        req.request != "PUT" &&
        req.request != "POST" &&
        req.request != "TRACE" &&
        req.request != "OPTIONS" &&
        req.request != "DELETE" &&
        req.request != "PURGE") {
        /* Non-RFC2616 or CONNECT which is weird. */
        return (pipe);
    }

    if (req.http.cookie ~ "adminhtml=") {
        set req.backend = admin;
    }
}

Here is the /etc/sysconfig/varnish file:

VARNISH_LISTEN_PORT=6081
VARNISH_ADMIN_LISTEN_PORT=6082
VARNISH_VCL_CONF=/etc/varnish/default.vcl

We started varnish service - /etc/init.d/varnish start and checked port 6081:

> netstat -ntlp | grep -w 6081
tcp        0      0 0.0.0.0:6081                0.0.0.0:*                   LISTEN      23745/varnishd      
tcp        0      0 :::6081                     :::*                        LISTEN      23745/varnishd

But when we check our site by accessing staging.domain1.com:6081, we are getting response but URLs showing in browser are pointing at domain1.com. So we changed .host in default & admin to domain name - staging.domain1.com such as below and then restarted varnish service but it is failing to do so.

backend default {
    .host = "staging.domain1.com";
    .port = "80";
}

backend admin {
    .host = "staging.domain1.com";
    .port = "80";
    .first_byte_timeout = 18000s;
    .between_bytes_timeout = 18000s;
}

I am not getting the reason why it is not restarting after adding real (sub)domain names. Another thing: Site is serving from port 80 i.e. nginx. Ideally, varnish should be running over port 80 and we tried to do so but somehow we failed. We managed to run nginx over port 8080 by following guidelines at - https://www.theshell.guru/change-nginx-port-plesk-12-centos-6-6/. Basically, we added custom directory under /usr/local/psa/admin/conf/templates and copied following files over there and updated to port 8080.

  • nginx.php
  • nginxDomainForwarding.php
  • nginxDomainForwardingIpDefault.php
  • nginxDomainVhost.php
  • nginxDomainVhostIpDefault.php
  • nginxWebmail.php

Then we changed, varnish listen port to 80 instead of port 6081 but when we start varnish, it straightaway shows failed and our domain - staging.domain1.com fails to load so we reverted back everything as above i.e.

  • varnish on port 6081[VCL backend at 80]
  • apache 7080
  • nginx 80

I assumed I should have following scenario:

  • Varnish - port 80 [default.vcl file should greb content from 8080 port]
  • Nginx - port 8080
  • Apache - port 7080.

In first scenario, we are not able to confirm whether varnish is correctly configured or not [in case if we set IP instead of real host name] and in second scenario, we are not able to start varnish service though it should be ideal case.

Basically, I am not getting what is wrong over here.

1
centosvarnishplesk

1 Answers

0
votes

First of all, do not use Varnish with Plesk or any control panel. This will never lead to good results. Use it on a bare bones Linux server so you have better insight on what is going on.

Second, you were almost there :) The backend IP in varnish VCL had to stay as IP. Putting domain there instead of IP is wrong. Varnish will automatically translate Host header from your HTTP request onto the underlying backend server. So if you open a page with URL http://staging-domain:6081/, then what happens is:

  • an HTTP request with Host:staging-domain reaches Varnish
  • then Varnish will pass it along to Apache/Nginx with the same value.

It's very likely your initial issue was a redirect initiated by your app / website.

Simply put, you're trying to access http://staging-domain:6081/ and your app redirected to http://domain/ because it had "domain" hardcoded in its settings / configuration. A very common thing to happen.

So the solution would be to:

  • change varnish listen IP to 80
  • change Nginx / whatever your backend web server to a different port, i.e. 8080
  • adjust varnish VCL backend definition to web server's IP and port, i.e. 192.168.1.26 and 8080
  • adjust your web app settings, in particular base URL

You might also have to translate the real port over to Nginx and disable port in redirects in Nginx configuration:

port_in_redirect off;

If all fails, make use of professional installation service :)