Unfortunately, I haven't written a howto, but I'm working on doing something along those lines for internal purposes at my company. I'll likely get around to doing a howto eventually. I hope you don't mind that I posted this back to the list, but I figured it would be useful to folks... A few tips: - Run Squid on a dual-homed box, with a public and private network interface. Your web servers / ZEO clients would be on the private interface for security reasons. - Redirectors simply rewrite URLs so that Squid can get content from somewhere other than the intended URL. pyredir (you can find it on freshmeat) is a good redirector for rewriting URLs in squid, written in python, and uses a simple syntax and regexes for a config file. It has to be hacked to support things like http POST and HEAD requests (by default, it only rewrites GET requests). I also hacked pyredir to make logging optional, since I didn't see much value in keeping a rewrite/redirector log (I didn't have log rotation on this, and ran into a 2GB file-size limit, so I just made it optional). I redirect to nodes.foo.com, for example, which is set up to have several IP addresses associated with it in /etc/hosts. You need to make sure that the URL you are redirecting to has the correct URL for Virtual Host Monster. - You will be setting up Squid in "accelerator mode" which is different than normal proxy, in that it accepts normal http requests, unlike a proxy server. It caches pages, which is good, unless you do not want them cached. Make sure you set up ACLs in squid.conf to prevent the caching of ZMI pages using the no_cache directive. Also, if you want, bind Zope management interface access with another Squid ACL to the private interface, so it can only be accessed from the private network; this works out well if your changes are only made from a protected office network or the like. - Supporting multiple ZEO client nodes in squid involves 2 things: compiling Squid with "external DNS" support, which means you use an external daemon to do lookups... in newer versions of Squid, instead of doing this, Squid uses internal lookup code instead of your machine's resolver libraries, which prevents correct round-robin behavior. Compile with external DNS support and make sure you spawn enough external 'dnsserver' daemons to handle the lookup load... Keep in mind that in an accelerator, this needn't be that high, because squid will cache the IP address lookups after the first time. You will need to create multiple entries in /etc/hosts with the same domain name; when the squid dnsserver process queries for a lookup, it will return to Squid multiple IP addresses. Squid will internally round robin them equally weighted (at least if the box is under anything above a moderate traffic load). In order to support this, you will likely need to use a source install of Squid (for example, the binary Debian package for Squid isn't compiled with external dns support). - Supporting Virtual Hosts in Zope with Squid is the same as in Apache, you just use the squid redirector instead of mod_rewrite rules, and you use a Virtual Host Monster. I hope this is useful info. Sean -----Original Message----- From: Steve Drees [mailto:drees@rangebroadband.com] Sent: Tuesday, September 18, 2001 12:33 PM To: sean.upton@uniontrib.com Subject: RE: [Zope] Question: Virtual Site Hosting on Zope any chance you've written a how-to up on this? :)
-----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of sean.upton@uniontrib.com Sent: Tuesday, September 18, 2001 12:17 PM To: mike@flipper.eskimo.net; zope@zope.org Subject: RE: [Zope] Question: Virtual Site Hosting on Zope
Consider using Squid as an http accelerator, a Squid redirector (internally rewrites URLs prior to proxy; I use pyredir - it is written in Python, and is easy to modify), and a virtual host monster. Squid can load balance multiple back-end web servers (well, round-robin), which makes this an especially useful setup if you ever see youself using ZEO. This setup bypasses the need for using Apache to interface with Zope, and Apache running on a different port can be proxied to as well by squid, based upon how you have set up your redirector rules.
Sean
-----Original Message----- From: Michael Murphy [mailto:mike@flipper.eskimo.net] Sent: Monday, September 17, 2001 10:17 AM To: zope@zope.org Subject: [Zope] Question: Virtual Site Hosting on Zope
I know this will be an easy question for this mailing list... Is there generally considered to be a 'best way' of doing Virtual Site Hosting on Zope? I have skimmed some HOWTOs on www.zope.org, but I am afraid the material may be a bit dated and a 'better way' may be generally known. Any help would be appreciated!
Mike
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )