HELP: Varnish3

canefield

Dear all,

What is the perfect configuration with Varnish?
I saw a lot of 'cache_miss' hits…somebody any clue how to get those in cache.
Could somebody help me out with configuring Varnish3 with Microsoft Exchange 2010 (SSL)?

Furthermore, what exactly is the meaning of the expression in the 'Backend Mappings'? What syntaxes are allowed/most commonly used?
For my Exchange Server I've configured:
HOST, EQUALS, webmail.domain.com, 1h
Is that right or should it be different like 'https://webmail.domain.com/owa'? I can't find anything regarding to M$ Exchange...a pitty :P

For my test-website (ASPX) I've configured:
HOST, EQUALS, domain.com, 1h
HOST, EQUALS, www.domain.com, 1h
HOST, EQUALS, www2.domain.com, 1h
Is that right or should it be different? Are the none mentioned URLs being bounced/rejected for instance 'web.domain.com' and 'domain.com/summer'?
Can/Should I make use of Wildcards (*)?

Overall, what happens when using lets say 'http://www.domain.com' or 'https://www.domain.com' as the expression? Also these options about Maps (Host/Url) and Match (Equals/Regex), what does this mean? Some explanations/examples/scenarios are more than welcome?

Thanks a lot,
Canefield

As for future example and configuration (also LB (HTTP & HTTPS)) and all Varnish users:
http://www.lullabot.com/articles/varnish-multiple-web-servers-drupal

marcelloc

canefield,

The first point is that varnish handles only http.

My setup has varnish for http and haproxy for https

That's why squid3 was the easy-to-use suggestion on that TMG alternative post.

canefield

Marcello and others,

Indead a easy-to-use scenario…but a really want to have a fast, stable and reliable system. I now think that Varnish is much faster than Squid3, right?
As far as the read Varnish can handle SSL; see the link a posted with it. What is your aswer now? :)

Any answer on the rest of my post?

KR,
Canefield

canefield

All,

Anybody ???

Thanks in advance,
Canefield

marcelloc

@canefield:

As for future example and configuration (also LB (HTTP & HTTPS)) and all Varnish users:
http://www.lullabot.com/articles/varnish-multiple-web-servers-drupal
As far as the read Varnish can handle SSL; see the link a posted with it. What is your aswer now? :)

The answer is:

Great news!  :)
I'll start to test this feature and implement it on varnish3.

att,
Marcello Coutinho

marcelloc

The doc ends on the same point:

Yep, you got it exactly. Varnish does not handle SSL itself. If it receives a request that is SSL encrypted it will pass it directly to Apache. For us though, we have the load balancer decrypt/encrypt and all traffic between Varnish and Apache is normal HTTP (but we keep using a different port number so we can tell if the page will eventually be secured).

and suggests the same "when time permits solution"
_]Another way to handle SSL is

Another way to handle SSL is to put pound (http://www.apsis.ch/pound/) in front of varnish for port 443 and do lightweight SSL decryption and then you get the benefit of Varnish for even the SSL encrypted traffic._

The only thing that I can include in this package is the pass trough function. But IIRC, all servers should have the same config/sites to share the same ip as varnish can't see the request it self, just a ssl connection.