varnish with ssl
kb+varnish at slide.com
Thu Apr 8 19:37:41 CEST 2010
On Apr 7, 2010, at 5:20 PM, Michael Fischer wrote:
>> The single-process model as regards scalability is a red herring.
> It matters a lot with SSL. The handshaking process is very
> CPU-intensive. You really want something that's SMP-scalable.
Run one single-process model process for each core in your machine. You also get the rather academic bonus of less context-switching and less cache thrash (assuming a decent scheduler and affinity). This is also how you would leverage multiple machines.
Persistent load balancing involves slightly more human setup than a single process on a single machine that handles the multi-(process|thread)ing itself, but I think discussing the finer points of performance and architecture are dubious if one's entire site runs on a single machine. :-)
I am not a proponent of the single-process model, nor any other particular model for that matter -- they can all be made to work and scale, and deciding between them depends on circumstances beyond their scope. But I do know that if I was a proponent of any single one, it would be because I had too much time on my hands. :-P
More information about the varnish-misc