10

I'm thinking about the architecture for a new Webserver. Would having Varnish as a cache in front of Nginx as a reverse-proxy and serving static files in front of apache for all heavy lifting be a good idea?

I'm going to run php and ruby on rails applications.

Will there be too much overhead passing php requests to apache through two other processes?

Thanks a lot!

Zoran Zaric
  • 283
  • 3
  • 8

7 Answers7

8

Yeah, it's valid. My personal approach would be to use Varnish up front and use VCL to split the traffic between static NGINX requests and your heavy lifting (whether that be Apache or Passenger or... it doesn't matter). This is especially true if it is on the same machine as you don't need the extra overhead. It doesn't necessarily buy you anything.

McJeff
  • 2,019
  • 13
  • 11
6

Varnish doesn't (yet) support gzip compression, so it might be an idea to swap it around with nginx in front to compress what varnish sends back. Since varnish and nginx don't fight for the same resources (nginx uses CPU for gzip compression, while varnish uses memory) they should run smoothly on the same machine.

Varnish now supports gzip compression, so unless you need SSL termination (as suggested in the comments), I would suggest putting varnish directly in contact with the Internet.

For http:

(internet) --> (varnish, gzip, caching, esi) --> (application)

For https:

(internet) --> (nginx, ssl)--> (varnish, gzip, caching, esi) --> (application)

If you want apache in there too (for the ubiquitous mod_foobar support), I'd put it between varnish and the application

Update: Updated to include gzip support in varnish 3.0. Added ssl / esi as suggested in comments

Community
  • 1
mogsie
  • 280
  • 1
  • 4
  • If whatever is serving content to varnish encodes it in gzip, then varnish will pass it on gzipped without complaining: http://varnish-cache.org/wiki/FAQ/Compression The only thing varnish doesn't do is take content which is uncompressed from the uncached application and reserve it compressed. Is this your understanding as well? – ewalk Jun 15 '10 at 17:48
  • The only time you run nginx in front of varnish is when you are using ESI. Since you cannot do ESI assembly from compressed pages, and Varnish will not compress an assembled page, Nginx is placed in front of Varnish to provide that compression. If the origin serves the content compressed, Varnish will pass that data to the client in compressed form. – user6738237482 Jun 15 '10 at 18:48
  • Yeah, ESI is one of the reasons why I'd recommend this configuration, but I guess that if your backend compresses and you don't use ESI, you could dispense with nginx, since I believe varnish can handle quite a lot of traffic without breaking a sweat. – mogsie Jul 07 '10 at 20:34
  • @user6738237482, nginx suport SSL termination, Varnish does not. In fact, being in front of something like varnish or Apache is exactly what nginx was originally designed for, as a fast, lightweight proxy server. – rmalayter Apr 18 '11 at 13:03
4

The amount of overhead shouldn't be significant. I'm assuming part of the reason you want to have these two tiers is for scalability; in which case you would most likely see, relative to apache, that varnish and nginx aren't working very hard.

If you all three tiers on one machine, there should be less of a performance impact before you reach the capacity of the server itself.

As an alternative, why not varnish + nginx with passenger? I've used this setup in the past and nginx using passenger is relatively light, and ran pretty well. Might be worth thinking about if you're not married to apache running your rails stack.

Tony
  • 482
  • 3
  • 3
  • yeah i might switch from apache to nginx for rails, but giving customers the ability to use .htaccess files is a + for apache, for php at least. – Zoran Zaric May 20 '10 at 18:22
2

I am the sys admin for a startup ecommerce platform. We use varnish+nginx in front of our PHP/apache stack and it has worked wonders.

We have a high memory use application and the app was using around 15-20gigs of RAM per webnode and once we put varnish in front it is now around 8gig of RAM per node. They have never spiked.

So I highly recommend it.

Mike
  • 21,910
  • 7
  • 55
  • 79
1

I'm running Drupal, with boost module on an Apache+PHP+MySQL server, but in front of them I'm using Nginx with gzip-static feature on, and using the results of boost to serve the users.

And on the top of all of that I'm using varnish, all on the same PC, I'm having good results.

I'm also using Nginx to tweak the headers that Drupal does not do very well for cache.

Ben Pilbrow
  • 11,995
  • 5
  • 35
  • 57
Go2linux
  • 11
  • 1
0

It isn't a good idea unless you need something like ESI. Nginx has it's own caching system that performs better.

VBart
  • 8,159
  • 3
  • 24
  • 25
  • I know this is an old answer, but unfortunately that link is no longer available, so I'm unable to verify your claim. In my experience Varnish is hard to beat in its speed and flexibility as a reverse-proxy. – Martijn Heemels Jun 25 '15 at 13:13
  • @MartijnHeemels http://web.archive.org/web/20130501222206/http://todsul.com/nginx-varnish and there's another benchmark: https://nbonvin.wordpress.com/2011/03/24/serving-small-static-files-which-server-to-use/ – VBart Jun 28 '15 at 15:46
-1

Apache can be used to SSL terminate (decrypt), check http://noosfero.org/Development/Varnish#SSL

brauliobo
  • 177
  • 8
  • 1
    Please avoid posting links as answers, as your answer is likely to lose all meaning when it is affected by [linkrot](https://en.wikipedia.org/wiki/Link_rot). Please consider editing your answer and including relevant parts from the link you have supplied in your answer. By all means leave the link in place as a reference. – Bryan Jul 04 '13 at 22:07