Hello All,
We currently have a load balancer pair running with LVS and ldirectord in a High Availability (HA) cluster. This directs traffic to several web servers running a variety of Drupal sites as well as some HTML/PHP sites.
In order to increase performance, we are adding Varnish v3. Three options become apparent to me with our current configuration.
Current Configuration: No varnish
internet->
  - load balancer1->
    - web server1
    - web server2
    - web server3
  - load balancer2 (standby)
Option 1: before the load balancer, one Varnish server
internet->
  - varnish->
    - load balancer1->
      - web server1
      - web server2
      - web server3
    - load balancer2 (standby)
Option 2: one load balancer feeding multiple varnish servers with single origin server per varnish server
internet->
  - load balancer1->
    - varnish1->
      - web server1
    - varnish2->
      - web server2
    - varnish3->
      - web server3
  - load balancer2 (standby)
Option 3: one load balancer feeding multiple varnish servers with multiple origin servers
internet->
  - load balancer->
    - varnish1->
      - web server1
      - web server2
      - web server3
    - varnish2->
      - web server1
      - web server2
      - web server3
    - varnish3->
      - web server1
      - web server2
      - web server3
  - load balancer2 (standby)
All three of these configurations are possible, with increasing complexity.
My goals are, in order of priority:
1) performance
2) security
3) simplicity
Here are my questions:
It appears that besides caching, we could also put our origin servers on a non-public network to enhance security. Do you agree?
Is there anything, good or bad, that Varnish brings to this that I should consider to keep this simple but still HA?
I lean towards option 3. Does that seem overly complex?
Which would you do and why?
Thanks for your opinion,
Dave