

WebSockets with Varnish and Nginx - thruflo
http://thruflo.com/post/23226473852/websockets-varnish-nginx

======
otterley
Varnish allocates one thread per connection. Even if it supports websockets,
it's not going to scale well across tens of thousands of simultaneous
persistent connections. The context switch and memory overhead will be
considerable.

For now, Java-based servers (using netty) and node.js may be a better idea.

~~~
pestaa
Not only that, but letting all traffic through Varnish is not a good
utilization of its resources at all.

The question is, how could I set up multiple servers on the same port? Or what
else do I need to put in front of Varnish to route WebSocket connections
elsewhere?

I'm starting to think this use case is not easy to solve under one IP address.

~~~
2mur
Node Http Proxy: <https://github.com/nodejitsu/node-http-proxy>

No need for Varnish for proxying your websockets.

~~~
thruflo
Thanks for the link. This looks like an ideal tool to fulfil the same role as
Varnish (in the stack I'd outlined) without losing SSL support or allocating
one thread per active connection.

------
PleaseBeSerious
If you have Varnish then why have nginx? Is there an advantage to having nginx
do the request routing?

~~~
roschdal
nginx can compress your HTTP traffic, while Varnish can't. So there are some
things you would need nginx for.

However, I really think that nginx should implement proper support for
WebSockets by now. I have requested this previously, but the request got
unanswered.

~~~
sureshv
FYI, compression was added to Varnish in 3.x:

[https://www.varnish-
cache.org/docs/3.0/tutorial/compression....](https://www.varnish-
cache.org/docs/3.0/tutorial/compression.html)

------
iamleppert
I like this technique! Only caveat is it adds another piece of infrastructure
(Varnish) to your stack which while Varnish is very good, some people may not
want to. But nice writeup!

------
ibotty
this does not address the problem with ssl-traffic. varnish will delegate it
to a reverse proxy _in front_ of itself. i usually deploy nginx. looks like a
catch-22 for websockets ;).

~~~
conesus
So how do you handle the case of SSL in front of web traffic and web socket
traffic? I need to handle both SSL and non-SSL. Right now I just use another
port, but my users behind a firewall can't access the websocket.

~~~
ibotty
usually a different websocket port. not what you wanted to hear i guess :|.

~~~
conesus
node-http-proxy is one option, but I'm just going to wait for nginx's native
support.

