0

At work we have a varnish cluster. All the remote backends us the .host value (which I assume is required) but all the configs for the local backend, ie the backend running on the server the config/varnishd is on, use the .path value. This morning I had an issue with one of the varnish servers, basically the socket referred to by the .path did not exist and so it wouldn't start. I tried various ways to bring the socket back up, but after none worked I switched the varnish config to using the .backend value instead. I see this is a benefit, as I can now easily maintain a centralized varnish config without having to worry about compiling each config on a per-server basis (ie removing the .host line from the backend that corresponds to the specific server).

Are there significant benefits from using a socket to connect to the local varnish cluster (using hitch for SSL termination if that is a factor)? If all things are equal, I see the using .host value to be a superior option because it makes pushing config updates much simpler.

Ian Pringle
  • 103
  • 2

1 Answers1

0

Using .path for Unix Domain Sockets is a lot faster than using .host and .port for TCP/IP connections.

If throughput is a concern, please use Unix Domain Sockets as you will get a higher throughput (>100 Gbps over TLS).

If massive throughput is not that important, you can use TCP/IP which doesn't require having a UDS.

For UDS permissions matter, so make sure that both Varnish and Hitch have the right permissions to access the socket. Varnish will create the socket and Hitch will use it.

Thijs Feryn
  • 1,166
  • 4
  • 5