[Zope] Question: Virtual Site Hosting on Zope

sean.upton@uniontrib.com sean.upton@uniontrib.com
Wed, 19 Sep 2001 09:28:44 -0700 

Unfortunately, I haven't written a howto, but I'm working on doing something
along those lines for internal purposes at my company.  I'll likely get
around to doing a howto eventually.  I hope you don't mind that I posted
this back to the list, but I figured it would be useful to folks... A few
tips:

- Run Squid on a dual-homed box, with a public and private network
interface.  Your web servers / ZEO clients would be on the private interface
for security reasons.

- Redirectors simply rewrite URLs so that Squid can get content from
somewhere other than the intended URL.  pyredir (you can find it on
freshmeat) is a good redirector for rewriting URLs in squid, written in
python, and uses a simple syntax and regexes for a config file.  It has to
be hacked to support things like http POST and HEAD requests (by default, it
only rewrites GET requests).  I also hacked pyredir to make logging
optional, since I didn't see much value in keeping a rewrite/redirector log
(I didn't have log rotation on this, and ran into a 2GB file-size limit, so
I just made it optional).  I redirect to nodes.foo.com, for example, which
is set up to have several IP addresses associated with it in /etc/hosts.
You need to make sure that the URL you are redirecting to has the correct
URL for Virtual Host Monster.

- You will be setting up Squid in "accelerator mode" which is different than
normal proxy, in that it accepts normal http requests, unlike a proxy
server.  It caches pages, which is good, unless you do not want them cached.
Make sure you set up ACLs in squid.conf to prevent the caching of ZMI pages
using the no_cache directive.  Also, if you want, bind Zope management
interface access with another Squid ACL to the private interface, so it can
only be accessed from the private network; this works out well if your
changes are only made from a protected office network or the like.

- Supporting multiple ZEO client nodes in squid involves 2 things: compiling
Squid with "external DNS" support, which means you use an external daemon to
do lookups... in newer versions of Squid, instead of doing this, Squid uses
internal lookup code instead of your machine's resolver libraries, which
prevents correct round-robin behavior.  Compile with external DNS support
and make sure you spawn enough external 'dnsserver' daemons to handle the
lookup load...  Keep in mind that in an accelerator, this needn't be that
high, because squid will cache the IP address lookups after the first time.
You will need to create multiple entries in /etc/hosts with the same domain
name; when the squid dnsserver process queries for a lookup, it will return
to Squid multiple IP addresses.  Squid will internally round robin them
equally weighted (at least if the box is under anything above a moderate
traffic load).  In order to support this, you will likely need to use a
source install of Squid (for example, the binary Debian package for Squid
isn't compiled with external dns support).

- Supporting Virtual Hosts in Zope with Squid is the same as in Apache, you
just use the squid redirector instead of mod_rewrite rules, and you use a
Virtual Host Monster.

I hope this is useful info.

Sean

-----Original Message-----
From: Steve Drees [mailto:drees@rangebroadband.com]
Sent: Tuesday, September 18, 2001 12:33 PM
To: sean.upton@uniontrib.com
Subject: RE: [Zope] Question: Virtual Site Hosting on Zope


any chance you've written a how-to up on this? :)

> -----Original Message-----
> From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of
> sean.upton@uniontrib.com
> Sent: Tuesday, September 18, 2001 12:17 PM
> To: mike@flipper.eskimo.net; zope@zope.org
> Subject: RE: [Zope] Question: Virtual Site Hosting on Zope
>
>
> Consider using Squid as an http accelerator, a Squid redirector
> (internally
> rewrites URLs prior to proxy; I use pyredir - it is written in Python, and
> is easy to modify), and a virtual host monster.  Squid can load balance
> multiple back-end web servers (well, round-robin), which makes this an
> especially useful setup if you ever see youself using ZEO.  This setup
> bypasses the need for using Apache to interface with Zope, and Apache
> running on a different port can be proxied to as well by squid, based upon
> how you have set up your redirector rules.
>
> Sean
>
> -----Original Message-----
> From: Michael Murphy [mailto:mike@flipper.eskimo.net]
> Sent: Monday, September 17, 2001 10:17 AM
> To: zope@zope.org
> Subject: [Zope] Question: Virtual Site Hosting on Zope
>
>
> I know this will be an easy question for this mailing list...   Is there
> generally considered to be a 'best way' of doing Virtual  Site Hosting
> on Zope?  I have skimmed some HOWTOs on www.zope.org, but I am afraid
> the material may be a bit dated and a 'better way' may be generally
> known.  Any help would be appreciated!
>
> Mike
>
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
>