Any thoughts anyone? Good idea / bad idea? Thanks,
Sam 2010/1/23 Sam Crawford <[email protected]>: > Evening all, > > I've been an avid Varnish user both personally and at work for a > couple of years now. At work we use it to cache content across our > global intranet, handling a few million requests per day. At present, > we have the following logical setup... > > F5 GTM (GSLB device) > F5 load balancer > Varnish > In-house Java > Reverse Proxy > Backend applications (hundreds) > > Varnish and the in-house reverse proxy reside on the same servers, > with varnish having a single backend pointing at the in-house reverse > proxy (the F5s handle failover between instances). > > The in-house Java reverse proxy performs a range of functions, > including (but certainly not limited to): > > * Authenticating/authorising users via our Single Sign On service > * Header injection to help backend applications identify users > * Catching cookies from backend applications and delivering a single > pointer cookie back to clients > > I've been wondering if we could write some C extensions to Varnish to > remove the need for the Java reverse proxy. This would help flatten > the infrastructure and save on latency (which is pretty important for > us). The standard Varnish VCL capabilities would meet many of our > requirements, but for some functions we'd certainly need to write > extensions (such as making an out-of-band HTTP request to an SSO > server in order to validate an SSO cookie (which we'd also need to > cache!)). > > Whilst I know it's technically feasible for us to do this, I was > wondering (a) if anyone is already doing something similar and (b) if > the community thinks I'm completely mad for evening thinking about > doing it :-) > > Thanks, > > Sam > _______________________________________________ varnish-misc mailing list [email protected] http://projects.linpro.no/mailman/listinfo/varnish-misc
