Page MenuHomePhabricator
Create Task
Maniphest T96851

Evaluate limited caching inside nginx
Closed, DeclinedPublic
Actions

Description

nginx has proxycache support now. We could use it as a layer-0 in front of even varnish layer-1, with very very short TTLs just to suck up the worst DoS/surge spikes a bit. Should probably wait until we've upgraded to a post-1.6.x nginx version though, as the 1.7.x series had many related improvements and bugfixes.

Related Objects
Search...

Event Timeline

BBlack created this task.Apr 22 2015, 1:57 PM
BBlack raised the priority of this task from to Needs Triage.
BBlack updated the task description. (Show Details)
BBlack added projects: acl*sre-team, Traffic.
BBlack subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 22 2015, 1:57 PM
BBlack added a subtask: T96850: Test then switch to openssl 1.0.2 + nginx 1.9.2.Apr 22 2015, 1:58 PM
BBlack triaged this task as Low priority.Apr 22 2015, 2:00 PM
BBlack set Security to None.
BBlack added a subtask: T96847: Refactor varnish puppet config.
BBlack changed the status of subtask T96850: Test then switch to openssl 1.0.2 + nginx 1.9.2 from Open to Stalled.Apr 26 2015, 11:07 PM
BBlack closed this task as Declined.Apr 26 2015, 11:16 PM
BBlack claimed this task.

Actually this isn't worth thinking about at present, because (a) we'd lose analytics for the cache hits within nginx unless we did a bunch of work to get that flowing, and (b) we'd need to also move port 80 traffic through nginx, which we're not doing currently (but might someday eventually, after HTTPS-by-default-everywhere, maybe?).

BBlack raised the priority of this task from Low to High.Apr 30 2015, 5:50 PM
BBlack moved this task from Backlog to Done on the Traffic board.
BBlack changed the status of subtask T96850: Test then switch to openssl 1.0.2 + nginx 1.9.2 from Stalled to Open.Jun 22 2015, 12:07 PM
BBlack closed subtask T96850: Test then switch to openssl 1.0.2 + nginx 1.9.2 as Resolved.Jun 28 2015, 7:37 PM
Restricted Application added a subscriber: Matanya. · View Herald TranscriptJun 28 2015, 7:37 PM
BBlack closed subtask T96847: Refactor varnish puppet config as Resolved.Feb 19 2016, 4:50 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL