varnish
10M+
Varnish is an HTTP accelerator designed for content-heavy dynamic web sites as well as APIs.
docker pull varnish
Maintained by:
the Varnish Docker Community
Where to get help:
the Docker Community Slack, Server Fault, Unix & Linux, or Stack Overflow
Dockerfile
linksWhere to file issues:
https://github.com/varnish/docker-varnish/issues
Supported architectures: (more info)amd64
, arm32v7
, arm64v8
, i386
, ppc64le
, s390x
Published image artifact details:
repo-info repo's repos/varnish/
directory (history)
(image metadata, transfer size, etc)
Image updates:
official-images repo's library/varnish
label
official-images repo's library/varnish
file (history)
Source of this description:
docs repo's varnish/
directory (history)
Varnish is an HTTP accelerator designed for content-heavy dynamic web sites as well as APIs. In contrast to other web accelerators, such as Squid, which began life as a client-side cache, or Apache and nginx, which are primarily origin servers, Varnish was designed as an HTTP accelerator. Varnish is focused exclusively on HTTP, unlike other proxy servers that often support FTP, SMTP and other network protocols.
VARNISH_BACKEND_HOST
and VARNISH_BACKEND_PORT
You just need to know where your backend (the server that Varnish will accelerate) is:
# we define VARNISH_BACKEND_HOST/VARNISH_BACKEND_PORT
# our workdir has to be mounted as tmpfs to avoid disk I/O,
# and we'll use port 8080 to talk to our container (internally listening on 80)
$ docker run \
-e VARNISH_BACKEND_HOST=example.com -e VARNISH_BACKEND_PORT=80 \
--tmpfs /var/lib/varnish/varnishd:exec \
-p 8080:80 \
varnish
From there, you can visit localhost:8080
in your browser and see the example.com homepage.
If you already have a VCL file, you can directly mount it as /etc/varnish/default.vcl
:
# we need the configuration file at /etc/varnish/default.vcl,
# our workdir has to be mounted as tmpfs to avoid disk I/O,
# and we'll use port 8080 to talk to our container (internally listening on 80)
$ docker run \
-v /path/to/default.vcl:/etc/varnish/default.vcl:ro \
--tmpfs /var/lib/varnish/varnishd:exec \
-p 8080:80 \
varnish
Alternatively, a simple Dockerfile
can be used to generate a new image that includes the necessary default.vcl
:
FROM varnish
COPY default.vcl /etc/varnish/
Place this file in the same directory as your default.vcl
, run docker build -t my-varnish .
, then start your container:
$ docker --tmpfs /var/lib/varnish/varnishd:exec -p 8080:80 my-varnish
The images all ship with varnishreload which allows you to easily update the running configuration without restarting the container (and therefore losing your cache). At its most basic, you just need this:
# update the default.vcl in your container
docker cp new_default.vcl running_container:/etc/varnish/default.vcl
# run varnishreload
docker exec running_container varnishreload
Note that varnishreload
also supports reloading other files (it doesn't have to be default.vcl
), labels (l
), and garbage collection of old labeles (-m
) among others. To know more, run
docker run varnish varnishreload -h
By default, the containers will use a cache size of 100MB, which is usually a bit too small, but you can quickly set it through the VARNISH_SIZE
environment variable:
$ docker run --tmpfs /var/lib/varnish/varnishd:exec -p 8080:80 -e VARNISH_SIZE=2G varnish
Varnish will listen to HTTP traffic on port 80
, and this can be overridden by setting the environment variable VARNISH_HTTP_PORT
. Similarly, the variable VARNISH_PROXY_PORT
(defaulting to 8443
) dictate the listening port for the PROXY protocol used notably to interact with hitch (which, coincidentally, uses 8443
as a default too!).
# instruct varnish to listening to port 7777 instead of 80
$ docker run --tmpfs /var/lib/varnish/varnishd:exec -p 8080:7777 -e VARNISH_HTTP_PORT=7777 varnish
Additionally, you can add arguments to docker run
after varnish
, if the first argument starts with a -
, the whole list will be appendend to the default command:
# extend the default keep period
$ docker run --tmpfs /var/lib/varnish/varnishd:exec -p 8080:80 -e VARNISH_SIZE=2G varnish -p default_keep=300
If your first argument after varnish
doesn't start with -
, it will be interpreted as a command to override the default one:
# show the command-line options
$ docker run varnish varnishd -?
# list parameters usable with -p
$ docker run varnish varnishd -x parameter
# run the server with your own parameters (don't forget -F to not daemonize)
$ docker run varnish varnishd -F -a :8080 -b 127.0.0.1:8181 -t 600 -p feature=+http2
As mentioned above, you can use vmod_dynamic for backend resolution. The varnish-modules collection is also included in the image. All the documentation regarding usage and syntax can be found in the src/ directory of the repository.
On top of this, images include install-vmod, a helper script to quickly download, compile and install vmods while creating your own images. Note that images set the ENV
variable VMOD_DEPS
to ease the task further.
FROM varnish:7.1
# set the user to root, and install build dependencies
USER root
RUN set -e; \
apt-get update; \
apt-get -y install $VMOD_DEPS /pkgs/*.deb; \
\
# install one, possibly multiple vmods
install-vmod https://github.com/varnish/varnish-modules/releases/download/0.20.0/varnish-modules-0.20.0.tar.gz; \
\
# clean up and set the user back to varnish
apt-get -y purge --auto-remove $VMOD_DEPS varnish-dev; \
rm -rf /var/lib/apt/lists/*
USER varnish
FROM varnish:7.1-alpine
# install build dependencies
USER root
RUN set -e; \
apk add --no-cache $VMOD_DEPS; \
\
# install one, possibly multiple vmods
install-vmod https://github.com/varnish/varnish-modules/releases/download/0.20.0/varnish-modules-0.20.0.tar.gz; \
\
# clean up
apk del --no-network $VMOD_DEPS
USER varnish
The varnish
images come in many flavors, each designed for a specific use case.
varnish:<version>
This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of.
varnish:<version>-alpine
This image is based on the popular Alpine Linux project, available in the alpine
official image. Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general.
This variant is useful when final image size being as small as possible is your primary concern. The main caveat to note is that it does use musl libc instead of glibc and friends, so software will often run into issues depending on the depth of their libc requirements/assumptions. See this Hacker News comment thread for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images.
To minimize image size, it's uncommon for additional related tools (such as git
or bash
) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the alpine
image description for examples of how to install packages if you are unfamiliar).
View license information for the software contained in this image.
As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
Some additional license information which was able to be auto-detected might be found in the repo-info
repository's varnish/
directory.
As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.
Docker Official Images are a curated set of Docker open source and drop-in solution repositories.
These images have clear documentation, promote best practices, and are designed for the most common use cases.