Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

nginx-ingress sticky-session for websocket application

Tags:

websocket

sticky-session

azure-aks

nginx-ingress

I have a websocket .net application inside K8s cluster. I need to implement sticky session for the websocket using the nginx opensource.

I have read the documentation of nginx and kubernetes. https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md#session-affinity

It says we can use below configuration for sticky session:

nginx.ingress.kubernetes.io/affinity: "cookie"
nginx.ingress.kubernetes.io/session-cookie-name: "ingresscoookie"
nginx.ingress.kubernetes.io/session-cookie-hash: "sha1"
nginx.ingress.kubernetes.io/session-cookie-expires: "172800"
nginx.ingress.kubernetes.io/session-cookie-max-age: "172800

but this doesnot seem to work. I have tried the example code provided by kubernetes here https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/affinity/cookie/ingress.yaml.

This works for me, so I believe cookie based session affinity does not seem to work for websockets.

On further digging the documentation it says that I can use IP hashing algorithm. so I tried using below annotation.

nginx.ingress.kubernetes.io/upstream-hash-by: "$remote_addr"

this also failed. The requests are still balanced using the default algorithm.

How can I achieve session persistence?

like image 275
Madie Avatar asked May 27 '19 15:05

Madie

People also ask

Do WebSockets require sticky sessions?

WebSocket connections are inherently sticky. If the client requests a connection upgrade to WebSockets, the target that returns an HTTP 101 status code to accept the connection upgrade is the target used in the WebSockets connection. After the WebSockets upgrade is complete, cookie-based stickiness is not used.

Does ELB support sticky sessions?

ELB can be configured to use Sticky Session feature (also called session affinity) which enables it to bind a user's session to an instance and ensures all requests are sent to the same instance.

1 Answers

Stale post I know, but might help others. Did you remove/comment out the affinity and session annotations ?

This snippet works for me, but notably doesn't work if you've left the other annotations in (Like you, I couldn't get cookie based affinity to work - and I needed sticky sessions as antiforgery tokens were created locally to my webservices).

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: hello-world-ingress
  namespace: nginx
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.org/ssl-services: "hello-world-svc"
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
    nginx.ingress.kubernetes.io/rewrite-target: /$2
    nginx.ingress.kubernetes.io/upstream-hash-by: $remote_addr
spec:
  tls:
    - hosts:
      - nginx.mydomain.co.uk
      secretName: tls-certificate
  rules:
  - host: nginx.mydomain.co.uk
    http:
      paths:
      - path: /web1(/|$)(.*)      
        backend:
          serviceName: hello-world-svc
          servicePort: 80
like image 80
Antony Cook Avatar answered Sep 30 '22 18:09

Antony Cook
Sign in to Comment

Related questions

How to configure nginx reverse proxy to use SECURE websockets upstream?
Websocket on Android 4.4 with Phonegap
Connecting to Socket.IO server hosted on Azure Mobile Services returns Error
Unable to connect to a websocket
Play framework: WebSocket connection timeout
Monitoring secure web sockets (wss) with wireshark
OAuth2 Authentication for Websockets: Pass Bearer Token via Subprotocols?
How many SSE connections can a web server maintain?
Error in establishing websocket connection

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!