Haproxy varnish and plone


can someone share experiences about varnish and the cookie SRVCOOKIE insert from haproxy? Do I have to add this cookie to the not stripped ones? Or simply ignore this directive if I don't need this optimization?

I need a very simple setup with apache -> varnish -> haproxy -> ZEO. I already used apache -> varnish -> pound -> ZEO where pound used checked _ac_cookie to stick to the same ZEO client. How haproxy will do it? Is cookie SRVCOOKIE insert in haproxy the same of

		ID "__ac"

in pound?

I don't need persistent for every browser but only for logged users (a must I would say). Or even here I can ignore it? I've few editors and editing is not an hourly common task.

Thanks for any info, especially Plone oriented.


@fredvd suggests to go directly with varnish load balancing for simpler setup, which is my case. No sticky session but I think than other than a some advantage on caching (and maybe language) on busy portals, sticky sessions are not required for a correct working site with a minimal caching and load balancing.

1 Like

We have varnish in front of nginx, like this:

# see https://info.varnish-software.com/blog/proper-sticky-session-load-balancing-varnish
# and http://varnish-cache.org/docs/7.0/users-guide/vcl-backends.html#multiple-backends
import std;
import directors;
import cookie;
import header;

sub vcl_init {
    new cdir = directors.hash();

sub vcl_recv {
    # do not cache if Plone logged in cookie is set
    if (cookie.get("__ac")) {
    if (cookie.get("ZEO_BACKEND")) {
        set req.http.X-ZEO-BACKEND = cookie.get("ZEO_BACKEND");
        set req.http.Cookie = regsuball(req.http.Cookie, "ZEO_BACKEND=[^;]+(; )?", "");
    } else {
        # The cookies will have floats in them.
        # Whatever, ehh, floats your boat can be used.
        set req.http.X-ZEO-BACKEND = "hint-" + std.random(1, 100);
    set req.backend_hint = cdir.backend(req.http.X-ZEO-BACKEND);    
sub vcl_deliver {
    # Happens when we have all the pieces we need, and are about to send the
    # response to the client.
    # You can do accounting or modifying the final object here.

    # persist the cookie
    # we need to use the header vmod as there might be a set-cookie
    # header on the object already and
    # we don't want to mess with it
    if (req.http.X-ZEO-BACKEND) {
        header.append(resp.http.Set-Cookie,"ZEO_BACKEND=" + req.http.X-ZEO-BACKEND + "; Path=/; SameSite=Strict; Expires=" + cookie.format_rfc1123(now, 60m));
    # Cleanup of headers
    unset resp.http.X-ZEO-BACKEND;