Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is the most recent AWSALB cookie required? (AWS ELB Application Load Balancer)

Observations

When using an Amazon ELB Application Load Balancer and working with Sticky Sessions the load balancer inserts a cookie named AWSALB in the first request. To let the next request stick to the same target node (EC2 instance) the cookie should be included in that request. When doing so, it seems that the load balancer inserts a different cookie value in the response to the 2nd request. When including this new cookie value on the 3rd request, we get yet a new cookie value in the response. And so forth…

(This is different from how Sticky Sessions works with the Classic Load Balancer where the cookie is named AWSELB and retains its value until discarded by the client or the load balancer.)

The reason the AWSALB cookie changes value all the time seems to be (as stated by the docs):

The name of the cookie is AWSALB. The contents of these cookies are encrypted using a rotating key. You cannot decrypt or modify load balancer-generated cookies.

So even though the contents of the cookie might be the same, we cannot tell.

Question

The question is whether a request to the load balancer must always include the most recently received value of the AWSALB cookie or if it ok to send some previously received value (from the same sticky session, of course).

If this is a requirement the AWS ELB Application Load Balancer would not be able to serve a client that performs multiple parallel requests (after having received the first AWSALB cookie) but only clients that performs all requests in a sequential fashion (one at a time).

Can anybody shed some light on this?

like image 449
mgd Avatar asked Mar 09 '18 16:03

mgd


People also ask

What is Awsalb cookie?

Duration-based stickiness. Duration-based stickiness routes requests to the same target in a target group using a load balancer generated cookie ( AWSALB ). The cookie is used to map the session to the target.

Which requirement would be better served by an application load balancer?

Application Load Balancer components A load balancer serves as the single point of contact for clients. The load balancer distributes incoming application traffic across multiple targets, such as EC2 instances, in multiple Availability Zones. This increases the availability of your application.

What is load balancer generated cookie stickiness?

Load Balancer Generated Cookie Stickiness - A special cookie is used to track the backend server instance for each request. When the LB receives a request, it checks to see if this cookie is present in the request. If so, the load balancer sends the request to the application server specified in the cookie.

What is difference between application load balancer and load Loadr and classic load balancer?

The Application Load Balancer operates at Layer 7 of the OSI model, the network load balancer distributes traffic based on Layer 4. However, the classic load balancer works at both Layer 4 and 7.


1 Answers

After waiting for a reply here, I raised a support case with Amazon and got this reply:

I understand that you would like to confirm if it is required to provide the latest stickiness cookie for every request.

You are right in noting that the behaviour is different between CLB and ALB. Due to the different functionality of Application Load Balancer to direct traffic to multiple Target Groups, each having its own stickiness, ALB encrypts the information needed to direct traffic and provides new cookie on each request. This ensures that different times for different groups are always respected correctly.

Clients can always obtain the latest cookie, as internally the information would ensure correct routing to the same target. If you want to reuse single cookie it is also possible, ALB will respect it and correctly route the traffic as per the stickiness in the cookie. I would not recommend using the same cookie for periods longer than 60 seconds though. This is to ensure that in case of target becoming unavailable you can acquire new cookie with new stickiness information that would route you to new target.

like image 92
mgd Avatar answered Sep 30 '22 11:09

mgd