nginx has proxycache support now. We could use it as a layer-0 in front of even varnish layer-1, with very very short TTLs just to suck up the worst DoS/surge spikes a bit. Should probably wait until we've upgraded to a post-1.6.x nginx version though, as the 1.7.x series had many related improvements and bugfixes.
Description
Description
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Declined | BBlack | T96851 Evaluate limited caching inside nginx | |||
Resolved | BBlack | T96850 Test then switch to openssl 1.0.2 + nginx 1.9.2 | |||
Resolved | BBlack | T96847 Refactor varnish puppet config | |||
Declined | BBlack | T119396 Create globally-unique varnish cache cluster port/instancename mappings | |||
Resolved | BBlack | T119394 Convert misc cluster to 2-layer |
Event Timeline
Comment Actions
Actually this isn't worth thinking about at present, because (a) we'd lose analytics for the cache hits within nginx unless we did a bunch of work to get that flowing, and (b) we'd need to also move port 80 traffic through nginx, which we're not doing currently (but might someday eventually, after HTTPS-by-default-everywhere, maybe?).