Introducing our new CEO Don Johnson - Read More
varnish logo

varnish

Docker Official Image

10M+

177

Varnish is an HTTP accelerator designed for content-heavy dynamic web sites as well as APIs.

docker pull varnish

Quick reference

Supported tags and respective Dockerfile links

Quick reference (cont.)

What is Varnish?

Varnish is an HTTP accelerator designed for content-heavy dynamic web sites as well as APIs. In contrast to other web accelerators, such as Squid, which began life as a client-side cache, or Apache and nginx, which are primarily origin servers, Varnish was designed as an HTTP accelerator. Varnish is focused exclusively on HTTP, unlike other proxy servers that often support FTP, SMTP and other network protocols.

logo

How to use this image.

Basic usage

Using VARNISH_BACKEND_HOST and VARNISH_BACKEND_PORT

You just need to know where your backend (the server that Varnish will accelerate) is:

# we define VARNISH_BACKEND_HOST/VARNISH_BACKEND_PORT
# our workdir has to be mounted as tmpfs to avoid disk I/O,
# and we'll use port 8080 to talk to our container (internally listening on 80)
$ docker run \
    -e VARNISH_BACKEND_HOST=example.com -e VARNISH_BACKEND_PORT=80 \
	--tmpfs /var/lib/varnish/varnishd:exec \
	-p 8080:80 \
	varnish

From there, you can visit localhost:8080 in your browser and see the example.com homepage.

Using a VCL file

If you already have a VCL file, you can directly mount it as /etc/varnish/default.vcl:

# we need the configuration file at /etc/varnish/default.vcl,
# our workdir has to be mounted as tmpfs to avoid disk I/O,
# and we'll use port 8080 to talk to our container (internally listening on 80)
$ docker run \
	-v /path/to/default.vcl:/etc/varnish/default.vcl:ro \
	--tmpfs /var/lib/varnish/varnishd:exec \
	-p 8080:80 \
	varnish

Alternatively, a simple Dockerfile can be used to generate a new image that includes the necessary default.vcl:

FROM varnish

COPY default.vcl /etc/varnish/

Place this file in the same directory as your default.vcl, run docker build -t my-varnish ., then start your container:

$ docker --tmpfs /var/lib/varnish/varnishd:exec -p 8080:80 my-varnish

Reloading the configuration

The images all ship with varnishreload which allows you to easily update the running configuration without restarting the container (and therefore losing your cache). At its most basic, you just need this:

# update the default.vcl in your container
docker cp new_default.vcl running_container:/etc/varnish/default.vcl
# run varnishreload
docker exec running_container varnishreload

Note that varnishreload also supports reloading other files (it doesn't have to be default.vcl), labels (l), and garbage collection of old labeles (-m) among others. To know more, run

docker run varnish varnishreload -h

Additional configuration

Cache size (VARNISH_SIZE)

By default, the containers will use a cache size of 100MB, which is usually a bit too small, but you can quickly set it through the VARNISH_SIZE environment variable:

$ docker run --tmpfs /var/lib/varnish/varnishd:exec -p 8080:80 -e VARNISH_SIZE=2G varnish
Listening ports (VARNISH_HTTP_PORT/VARNISH_PROXY_PORT)

Varnish will listen to HTTP traffic on port 80, and this can be overridden by setting the environment variable VARNISH_HTTP_PORT. Similarly, the variable VARNISH_PROXY_PORT (defaulting to 8443) dictate the listening port for the PROXY protocol used notably to interact with hitch (which, coincidentally, uses 8443 as a default too!).

# instruct varnish to listening to port 7777 instead of 80
$ docker run --tmpfs /var/lib/varnish/varnishd:exec -p 8080:7777 -e VARNISH_HTTP_PORT=7777 varnish
Extra arguments

Additionally, you can add arguments to docker run after varnish, if the first argument starts with a -, the whole list will be appendend to the default command:

# extend the default keep period
$ docker run --tmpfs /var/lib/varnish/varnishd:exec -p 8080:80 -e VARNISH_SIZE=2G varnish -p default_keep=300

If your first argument after varnish doesn't start with -, it will be interpreted as a command to override the default one:

# show the command-line options
$ docker run varnish varnishd -?

# list parameters usable with -p
$ docker run varnish varnishd -x parameter

# run the server with your own parameters (don't forget -F to not daemonize)
$ docker run varnish varnishd -F -a :8080 -b 127.0.0.1:8181 -t 600 -p feature=+http2

vmods (since 7.1)

As mentioned above, you can use vmod_dynamic for backend resolution. The varnish-modules collection is also included in the image. All the documentation regarding usage and syntax can be found in the src/ directory of the repository.

On top of this, images include install-vmod, a helper script to quickly download, compile and install vmods while creating your own images. Note that images set the ENV variable VMOD_DEPS to ease the task further.

Debian
FROM varnish:7.1

# set the user to root, and install build dependencies
USER root
RUN set -e; \
    apt-get update; \
    apt-get -y install $VMOD_DEPS /pkgs/*.deb; \
    \
# install one, possibly multiple vmods
   install-vmod https://github.com/varnish/varnish-modules/releases/download/0.20.0/varnish-modules-0.20.0.tar.gz; \
    \
# clean up and set the user back to varnish
    apt-get -y purge --auto-remove $VMOD_DEPS varnish-dev; \
    rm -rf /var/lib/apt/lists/*
USER varnish
Alpine
FROM varnish:7.1-alpine

# install build dependencies
USER root
RUN set -e; \
    apk add --no-cache $VMOD_DEPS; \
    \
# install one, possibly multiple vmods
    install-vmod https://github.com/varnish/varnish-modules/releases/download/0.20.0/varnish-modules-0.20.0.tar.gz; \
    \
# clean up
    apk del --no-network $VMOD_DEPS
USER varnish

Image Variants

The varnish images come in many flavors, each designed for a specific use case.

varnish:<version>

This is the defacto image. If you are unsure about what your needs are, you probably want to use this one. It is designed to be used both as a throw away container (mount your source code and start the container to start your app), as well as the base to build other images off of.

varnish:<version>-alpine

This image is based on the popular Alpine Linux project, available in the alpine official image. Alpine Linux is much smaller than most distribution base images (~5MB), and thus leads to much slimmer images in general.

This variant is useful when final image size being as small as possible is your primary concern. The main caveat to note is that it does use musl libc instead of glibc and friends, so software will often run into issues depending on the depth of their libc requirements/assumptions. See this Hacker News comment thread for more discussion of the issues that might arise and some pro/con comparisons of using Alpine-based images.

To minimize image size, it's uncommon for additional related tools (such as git or bash) to be included in Alpine-based images. Using this image as a base, add the things you need in your own Dockerfile (see the alpine image description for examples of how to install packages if you are unfamiliar).

License

View license information for the software contained in this image.

As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).

Some additional license information which was able to be auto-detected might be found in the repo-info repository's varnish/ directory.

As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.

About Official Images

Docker Official Images are a curated set of Docker open source and drop-in solution repositories.

Why Official Images?

These images have clear documentation, promote best practices, and are designed for the most common use cases.