[Cialug] Web caches and SSL

Tue Aug 25 12:05:09 CDT 2015

I will send privately my system administrator notes for the machine i 
experimented with this stuff on.

I'm guessing with only 512 MB that you can be successful, depending on 
what else is on the machine. Databases will eat some RAM, for example. 
For comparison, my server has 2 GB (of which over 1 GB is used by Linux 
for cache). But once i subtract RAM used by buffers and cache, it is 
actually only using about 400 MB for the running software. Currently it 
is running MySQL, Apache, and Nginx. So, 512 seems within the realm of 
possibility, though performance may suffer a bit with less cache.

I did do some actual benchmarking when trying to get more performance. 
Here are the numbers:

Raw Apache:
    Requests per second:    9.86 [#/sec] (mean)
After installing APC:
    Requests per second:    32.57 [#/sec] (mean)
After installing W3 Total Cache:
    Requests per second:    92.97 [#/sec] (mean)
After installing Nginx:
    Requests per second:    1105.62 [#/sec] (mean)
After installing Varnish:
    Requests per second:    2574.20 [#/sec] (mean)

On 2015-08-25 at 11:29:56 Matthew Nuzum wrote:
> I was looking into that and I'd love to hear more about how it helped
> you. The reason I use Varnish is because I tend to use very low cost
> web servers, for example the $5 droplet at Digital Ocean. These
> servers work just fine 99% of the time, but if there's a sudden spike
> they fall over.
> 
> Varnish helps in two ways: It serves spikes from cache, which is the
> number one reason I use it, and it also helps the site feel generally
> more snappy even when not loaded.
> 
> My fear is/was that having an extra web server end point in the mix,
> too much of the server's resources would go towards proxying rather
> than serving the content.
> 
> Frankly, I haven't tested this, so I'm just being lazy, but do you
> think this scenario would work in a low-mem (512MB for example)
> environment?
> 
> On Tue, Aug 25, 2015 at 10:08 AM, Daniel A. Ramaley <
> 
> daniel.ramaley at drake.edu> wrote:
> > Multiple proxy layers can work. At one time i had Varnish -> Nginx
> > ->
> > Apache. I saw a 3 orders of magnitude performance improvement over
> > Apache alone for the particular application (WordPress). It is more
> > complicated to have multiple layers though; eventually i removed
> > Varnish from my stack because Nginx alone added sufficient
> > performance for our needs and each layer does add more
> > troubleshooting overhead when something goes wrong.
> > 
> > On 2015-08-25 at 09:54:05 Matthew Nuzum wrote:
> > > I saw this in RH's OpenSource.com newsletter today: Why every
> > > website
> > > should switch to HTTPS
> > > http://opensource.com/business/15/8/interview-daniel-roesler-utili
> > > tyap i?sc_cid=70160000000x3vkAAA
> > > 
> > > Last year I started switching all my sites over to SSL. A few of
> > > my
> > > sites were using a Varnish web cache to speed them up. Since
> > > Varnish
> > > doesn't terminal SSL I have been taking it out of the stack.
> > > 
> > > I miss it, though. It helped a lot, even if it did make some
> > > things
> > > more complicated. Are the days of using a web cache in this way
> > > gone?
> > > 
> > > I know I could use a web server to terminate SSL, then proxy to
> > > Varnish which would then proxy to the backend web server. This
> > > seems
> > > like a lot of proxying, which is why I'm not doing it. Is there an
> > > easier/better way that I should consider?
> > 
> > __
> > Daniel A. Ramaley  |  Network Engineer 2
> > Drake Technology Services (DTS) | Drake University
> > 
> > T: +1 515 271-4540
> > F: +1 515 271-1938
> > E: daniel.ramaley at drake.edu
__
Daniel A. Ramaley  |  Network Engineer 2
Drake Technology Services (DTS) | Drake University

T: +1 515 271-4540
F: +1 515 271-1938
E: daniel.ramaley at drake.edu