Hacker News new | ask | show | jobs
by opentokix 656 days ago
Useless

Varnish is not better in any shape or form than nginx for static content. Varnish has one single usecase, php-sites. - For everything else it will just add a layer of complexity that give no gains. And since varnish is essentially built on apache there is some issues with how it handles connections above about 50k/sec - where it gets complicated to configure, something that nginx does not have.
3 comments
mrweasel 656 days ago
> varnish is essentially built on apache

Do you mean built "for" Apache? Because I think it written from scratch.

I wouldn't call it useless, but it's not exactly a CDN, it's missing the "Network" bit. This is just caching. You'd need something like this, but scaled out on multiple locations for it to be a CDN.

Also most of it isn't exactly NetBSD related, the same approach works on anything that runs Varnish and Nginx.

link
firesteelrain 656 days ago
It was built in 2005 by Poul-Henning Kamp. It can work with Apache. But definitely not the same codebase.
link
youngtaff 656 days ago
How wrong can one comment be?

You might want to read this post on the founding of Varnish https://info.varnish-software.com/blog/history-varnish-cache...

And Fastly would certainly disagree that it’s only useful for PHP as they built a whole company based on Varnish

link
perbu 656 days ago
There are quite a few CDNs based on Varnish out there. Most of them are private, though, so you don't really see them.
link
firesteelrain 656 days ago
You have a valid point regarding nginx for static content and its simplicity.

The rest of what you wrote is either wrong, oversimplified, or inaccurate.

link
youngtaff 656 days ago
Thing I've never understood with nginx is why would I want my web server to also be my mail server?
link
SahAssar 656 days ago
I think most nginx deployments only do web, but the article on mail functionality does outline some of the reasons: https://docs.nginx.com/nginx/admin-guide/mail-proxy/mail-pro...

Besides those listed I think a plus would be to only have one server listening on priviliged ports (<1024), using the same/similar TLS configuration for both web and mail, etc. Basically having one service be the arbiter of your incoming traffic and its encryption.

Some people also throw dns via DoH/DoT in: https://www.f5.com/company/blog/nginx/using-nginx-as-dot-doh...

link
firesteelrain 656 days ago
I suppose the technology inside nginx provides similar benefits as mail proxy as it would for a web proxy.
link