varnish daemon not listening on configured port

Question

I'm trying to install varnish on ubuntu 16.04,

I read several article none are working. From what I read, since ubuntu 15.04, the way of configuring varnish has changed (because of systemd).

Now on I've got a real mess wich don't work :

/etc/default/varnish :

DAEMON_OPTS="-a :80 \
             -T localhost:6082 \
             -f /etc/varnish/default.vcl \
             -S /etc/varnish/secret \
             -s malloc,256m"

/etc/varnish/default.vcl (normally it points to a host pointing to 127.0.0 and port 8080, but for debuging purpose I modified it to an external domain) vcl 4.0;

# Default backend definition. Set this to point to your content server.
backend default {
    .host = "www.varnish-cache.org"; 
    .port = "80";
}

/etc/apache2/ports.conf

Listen 8080

grep -R 'ExecStart=/usr/sbin/varnishd' /etc/

/etc/systemd/system/varnish.service:ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
/etc/systemd/system/varnish.service.d/customexec.conf:ExecStart=/usr/sbin/varnishd -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
/etc/systemd/system/multi-user.target.wants/varnish.service:ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m

/lib/systemd/system/varnish.service :

  GNU nano 2.5.3                                                Fichier : /lib/systemd/system/varnish.service                                                                                                      

[Unit]
Description=Varnish HTTP accelerator
Documentation=https://www.varnish-cache.org/docs/4.1/ man:varnishd

[Service]
Type=simple
LimitNOFILE=131072
LimitMEMLOCK=82000
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
ExecReload=/usr/share/varnish/reload-vcl
ProtectSystem=full
ProtectHome=true
PrivateTmp=true
PrivateDevices=true

[Install]
WantedBy=multi-user.target

service --status-all | grep varnish

 [ - ]  varnish
 [ + ]  varnishlog
 [ + ]  varnishncsa

after a

sudo service varnish stop
sudo service varnish start

The varnish service is not listening on http://127.0.0.1:80/, before a reboot, it listend on http://127.0.0.1:6081/ but it don't work no more ... I don't know what to do more...

EDIT : after a reboot, nothing works,

if I do : systemctl status varnish

● varnish.service - Varnish HTTP accelerator
   Loaded: loaded (/etc/systemd/system/varnish.service; enabled; vendor preset: enabled)
  Drop-In: /etc/systemd/system/varnish.service.d
           └─customexec.conf
   Active: inactive (dead) since jeu. 2017-01-05 14:48:09 CET; 1s ago
     Docs: https://www.varnish-cache.org/docs/4.1/
           man:varnishd
  Process: 5077 ExecStart=/usr/sbin/varnishd -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m (code=exited, status=0/SUCCESS)
 Main PID: 5077 (code=exited, status=0/SUCCESS)

janv. 05 14:48:09 xubuntu-16 systemd[1]: Started Varnish HTTP accelerator.

service --status-all | grep varnish

 [ - ]  varnish
 [ - ]  varnishlog
 [ - ]  varnishncsa

if I sudo : varnishd -d -f /etc/varnish/default.vcl, then start, everything works fine... until i quit the cli

solved thanks to @Gerald Schneider response. I post the steps I had to do :

sudo apt remove varnish
sudo apt-get purge varnish
# I manually remove the 3 files in created in /etc/systemd/system/*
sudo apt install varnish
sudo nano /lib/systemd/system/varnish.service # put the rigth conf
sudo nano /etc/varnish/default.vcl #put the rigth conf
sudo systemctl daemon-reload
sudo service varnish restart

and everything works fine! the magic is in the /lib/systemd/system/varnish.service file, other online resources that I found made me make think it is elsewhere, so beware of the online (outdated) tutorials!

Probably needed to just remove your previous drop in -> . /etc/systemd/system/varnish.service — Mike Q, Dec 17 '18 at 20:10

Gerald Schneider · Accepted Answer · 2018-04-26T09:07:17.857

17

You need to change the varnish start parameters in the systemd service definition as well. You could edit the line starting with ExecStart in the service defintion file:

sudo vi /lib/systemd/system/varnish.service

Modifying this file however, has the disadvantage that it will not be updated in future updates of the package. Alternatively, as suggested in the comments, you could create a systemd drop in file, which is the preferred way of adding settings to systemd definitions.

# create the drop in directory
sudo mkdir /etc/systemd/system/varnish.service.d
# create the drop in file. The name is irrelevant, as long as it ends in .conf
sudo vi /etc/systemd/system/varnish.service.d/mysettings.conf

Here you only need to add the settings you want do change, everything else will be loaded from the default definition file.

Example:

[Service]
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m

_{This is the default line, change it as you need}

Afterwards, tell systemctl to reload it's config files and to restart the service

sudo systemctl daemon-reload
sudo service varnish restart

Varnish should now listen on port 80.

edited Apr 26 '18 at 09:07

answered Jan 05 '17 at 13:55

Gerald Schneider

19,757
8
52
79

I've done this, this file contain : `[...] [Unit] Description=Varnish HTTP accelerator Documentation=https://www.varnish-cache.org/docs/4.1/ man:varnishd [Service] Type=simple LimitNOFILE=131072 LimitMEMLOCK=82000 ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m ExecReload=/usr/share/varnish/reload-vcl [...] ` – Bruno Jan 05 '17 at 13:56
Maybe you should restore the default configuration files for apache and varnish and start over. I've set this up to test it and I only had to change the apache config to listen on port 8080 and the single line in varnish.service. Nothing else. – Gerald Schneider Jan 05 '17 at 14:00
thanks, it worked! I add the steps to uninstall in my post – Bruno Jan 05 '17 at 14:09
This is the wrong approach. Systemd unit files in /lib/systemd should not be edited, they should be overridden with drop-in files in /etc/systemd – Stephen Apr 15 '17 at 12:24
1

`systemctl edit varnish.service` automates creating unit file override drop-ins for you – HBruijn Dec 11 '18 at 09:17
You always learn something new ... – Gerald Schneider Dec 11 '18 at 10:07
`varnish.service: Service has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.` – itsazzad Sep 25 '19 at 18:06
You need a blank `ExecStart=` line before the actual `ExecStart` line in order to "clean" the setting. More on that at https://github.com/moby/moby/issues/14491#issuecomment-119873335 – cherouvim Jul 01 '22 at 08:44

score 7 · Answer 2 · edited Jun 06 '19 at 20:55

Note that the drop-in should have an empty ExecStart= Otherwise you will get an error starting the service (duplicate ExecStart)

sudo mkdir /etc/systemd/system/varnish.service.d
sudo nano /etc/systemd/system/varnish.service.d/varnishd.conf

With

[Service]
ExecStart=
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T <YOUR WEBSERVER IP>:8081 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m

varnish daemon not listening on configured port

EDIT : after a reboot, nothing works,

solved thanks to @Gerald Schneider response. I post the steps I had to do :

2 Answers2

Linked