When to use Varnish in front or behind NGinx
Admin Beckspaced
admin at beckspaced.com
Wed Sep 11 07:15:44 UTC 2024
Am 11.09.2024 um 08:36 schrieb Dridi Boukelmoune:
> On Fri, Aug 30, 2024 at 1:59 PM Lee Daniel <lee at caribbeannewmedia.com> wrote:
>> Hey Guys,
>>
>> So happy to find this mailing list.
>> I am 2-3 weeks into using Varnish Cache for the first time.
>>
>> I am on a Plesk Webserver with multiple domains (Mainly Drupal sites) running Centos.
>> Plesk has an Nginx:80 -> Apache:7080 setup.
>>
>> Following Varnish documentation for 4.1.11, which is the latest version compatible with Drupal:
>>
>> Changed Nginx port from 80 to 8080.
>> Changed Varnish default port from 6081 to 80.
>> Changed my default backend to point back to Nginx on port 8080.
>> So now I have, Varnish -> Nginx -> Apache
>>
>> I do some test with Curl -I and get some hits.
>>
>> Connected to my Drupal sites successfully.
>>
>> However, doing some research I found out that Nginx does not support ssl/tls natively.
>>
>> Therefore, if ssl/tls termination needed, Varnish would have to be placed behind NGinx.
>>
>> e.g Nginx:80 -> Varnish:6080 -> Apache:7080
>>
>> My job was to install Varnish on our servers to be used on specific sites for Caching purposes.
>>
>> I've read that Varnish first if you mainly want Caching and the full power of Varnish or Varnish behind Nginx if you want ssl termination and reduced power of Varnish Caching.
>>
>>
>> Can someone please weigh in on this?
>> Weigh in heavy if you must ��
> Hi Lee,
>
> I'm wondering why you need an Apache (I assume httpd) server in the
> first place, my understanding is that there is a good deal of overlap
> with nginx in terms of features. If you want varnish to be your
> caching layer, then it should probably be behind nginx with no caching
> in nginx itself. If you do introduce varnish, then you will likely
> need something behind it to speak FastCGI with your PHP application.
> It can be httpd, or you could loop back to nginx.
>
> So the second suggestion is probably your safest bet:
>
> nginx:443 -> varnish:6081 -> httpd:7080
>
>
> Dridi
Hello there,
why not use hitch as TLS/SSL terminator?
https://github.com/varnish/hitch
my setup is hitch:443 -> varnish -> apache
Becki
More information about the varnish-misc
mailing list