Zeo + Varnish Round Robin or Client Director

what is the "better" choice when i use Varnish to load-balancing for a Plone - Zeo Installation. I know that's a spongy
Question, but has anyone practical knowledge with this two options, Can anyone tell me what the pros and cons of the one or other option?
Best Regards, Jan

The typical setup is

Apache or Nginx -> Varnish -> HAProxy -> App servers

Apache or Nginx....it really does not matter much for production since they are usually only handling the rewriting and the SSL part...working both without issues in various setups for years.


we use 2 different setups depending on the size of the site:

for small deployments we only use nginx (with caching enabled) acting as load balancer in round robin mode when needed:

upstream plone {
    server localhost:8081;
    server localhost:8082;

for big ones, we use nginx and Varnish acting as cache proxy and load balancer using the hash director:

director app hash {
    { .backend = instance1; .weight= 1; }
    { .backend = instance2; .weight= 1; }
    { .backend = instance3; .weight= 1; }
    { .backend = instance4; .weight= 1; }

the hash director picks a backend based on the URL hash value; this way you end up with the object in memory only on one instance, leading to a better use of memory in your server.

we've been using this for almost a year with very good results.


That great info needs to get added here: http://docs.plone.org/manage/deploying/front-end/nginx.html !


I took a look at the documentation but, IMO, it needs to be completely rewritten and I have no time for that now.

Out of curiosity, (since either can load-balance or be paired with haproxy) is there more benefit your sites are seeing in running Varnish in front of nginx, vs. behind it?


we use nginx in front for various reasons:

  • is easier and much cleaner to do the rewrites and configure some stuff (like add/modify Expires headers) in nginx
  • we can easily block some requests like access to non-existent PHP scripts in nginx
  • we can apply rate limiting to some areas of the site like the search form
  • we can cache some HTTP response codes like 301, 302 and 404
  • according to some old performance measures nginx is a little bit faster for static content than Varnish
  • if you need to enable HTTPS you will have to deal with nginx in front anyway

so what pass nginx is cached in Varnish 30%-95% of the time, and only a few request pass to the Plone instances.