Varnish ssl

From Skytech
Revision as of 18:16, 25 March 2012 by Martin (talk | contribs) (Created page with "Category:Linux = Varnish SSL = If you just want roundrobin ssl forwards to your ssl servers (with no ssl residing on the varnish cache) - we just create a wrapper to that po…")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search


Varnish SSL

If you just want roundrobin ssl forwards to your ssl servers (with no ssl residing on the varnish cache) - we just create a wrapper to that port:

Source: http://www.lullabot.com/articles/varnish-multiple-web-servers-drupal 

# Define the list of backends (web servers).
# Port 80 Backend Servers
backend web1 { .host = "192.10.0.1"; .probe = { .url = "/status.php"; .interval = 5s; .timeout = 1s; .window = 5;.threshold = 3; }}
backend web2 { .host = "192.10.0.2"; .probe = { .url = "/status.php"; .interval = 5s; .timeout = 1s; .window = 5;.threshold = 3; }}

# Port 443 Backend Servers for SSL
backend web1_ssl { .host = "192.10.0.1"; .port = "443"; .probe = { .url = "/status.php"; .interval = 5s; .timeout = 1 s; .window = 5;.threshold = 3; }}
backend web2_ssl { .host = "192.10.0.2"; .port = "443"; .probe = { .url = "/status.php"; .interval = 5s; .timeout = 1 s; .window = 5;.threshold = 3; }}

# Define the director that determines how to distribute incoming requests.
director default_director round-robin {
  { .backend = web1; }
  { .backend = web2; }
}

director ssl_director round-robin {
  { .backend = web1_ssl; }
  { .backend = web2_ssl; }
}

# Respond to incoming requests.
sub vcl_recv {
  # Set the director to cycle between web servers.
  if (server.port == 443) {
    set req.backend = ssl_director;
  }
  else {
   set req.backend = default_director;
  }
}
Retrieved from "https://wiki.skytech.dk/index.php?title=Varnish_ssl&oldid=1828"