Should I enable KeepAlive on Apache backend with Varnish as frontend

apache-2.2varnish

I'm using Varnish as a frontend with Apache 2 as backend on my web server. What are the pros and cons of Apache's KeepAlive in this setting?

Apache and Varnish run on the same server now, but I could put them on different servers in the future.

Best Answer

Pro:

TCP handshake between Varnish and Apache not needed for every single request, reducing overhead.

Con:

If your Varnish service wanted to DoS your Apache service with connection exhaustion, it's easier for it to do so..?

Can you clarify what's prompting this question? HTTP connection keep-alive is implied in HTTP 1.1 and on by default in every major web server for a good reason; it's a performance improvement (though it will be a very small one with no latency between services), with a couple of denial-of-service-related caveats that aren't applicable when Apache's only client is Varnish.

I'd even recommend increasing Apache's KeepAliveTimeout higher than the default of 5 seconds, to let Varnish continue to re-use the same pool of connections.

Related Solutions

Varnish VCL Reload Fails After Adding Second Backend

I've not seen that specific error, but, when putting a backend in, I have noticed if the backend isn't referenced within the config, it has given me problems when restarting on our development servers.

storage_file: filename: /var/lib/varnish/devel/varnish_storage.bin size 1024 MB.
Message from VCC-compiler:
Unused backend default2, defined:
(input Line 11 Pos 9)
backend default2 {
--------########--
Running VCC-compiler failed, exit 1
VCL compilation failed

So, is it possible that you have no rule referencing the backend?

Backend health checking with Apache 2.2 (possible?)

The mod_proxy_balancer has such a funcionality and it can mark a backend server as unresponsive.

This configuration makes sessions "sticky" to a server and switch to the second one if it becomes unresponsive (but I am not sure if it applies to your specific situation).

 <Proxy balancer://mybalancer>
  Header add Set-Cookie "Node=prefer.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
  BalancerMember http://server1/ route=server1
  BalancerMember http://server2/ route=server2
 </Proxy>
 ProxyPass / balancer://mybalancer stickysession=Node nofailover=Off
 ProxyPassReverse / http://server1/
 ProxyPassReverse / http://server2/

Best Answer

Related Solutions

Varnish VCL Reload Fails After Adding Second Backend

Backend health checking with Apache 2.2 (possible?)

Related Topic