当前位置: 代码迷 >> 综合 >> Ingress session sticky
  详细解决方案

Ingress session sticky

热度:41   发布时间:2024-01-31 17:43:08.0

service session sticky

kind: Service
apiVersion: v1
metadata:name: my-service
spec:selector:app: my-appports:- name: httpprotocol: TCPport: 80targetPort: 80sessionAffinity: ClientIPsessionAffinityConfig:clientIP:timeoutSeconds: 10

ingress

  • 问题:为什么在ingress中不能使用上面service的session sticky。
  • 答案:因为ingress controller中配置的是POD的地址,不经过service,所以上面的service方式不生效。

Nginx Controller

https://kubernetes.github.io/ingress-nginx/examples/affinity/cookie/

Session affinity can be configured using the following annotations:

Name Description Value
nginx.ingress.kubernetes.io/affinity Type of the affinity, set this to cookie to enable session affinity string (NGINX only supports cookie)
nginx.ingress.kubernetes.io/affinity-mode The affinity mode defines how sticky a session is. Use balanced to redistribute some sessions when scaling pods or persistent for maximum stickyness. balanced (default) or persistent
nginx.ingress.kubernetes.io/session-cookie-name Name of the cookie that will be created string (defaults to INGRESSCOOKIE)
nginx.ingress.kubernetes.io/session-cookie-path Path that will be set on the cookie (required if your Ingress paths use regular expressions) string (defaults to the currently matched path)
nginx.ingress.kubernetes.io/session-cookie-samesite SameSite attribute to apply to the cookie Browser accepted values are None, Lax, and Strict
nginx.ingress.kubernetes.io/session-cookie-conditional-samesite-none Will omit SameSite=None attribute for older browsers which reject the more-recently defined SameSite=None value “true” or “false”
nginx.ingress.kubernetes.io/session-cookie-max-age Time until the cookie expires, corresponds to the Max-Age cookie directive number of seconds
nginx.ingress.kubernetes.io/session-cookie-expires Legacy version of the previous annotation for compatibility with older browsers, generates an Expires cookie directive by adding the seconds to the current date number of seconds
nginx.ingress.kubernetes.io/session-cookie-change-on-failure When set to false nginx ingress will send request to upstream pointed by sticky cookie even if previous attempt failed. When set to true and previous attempt failed, sticky cookie will be changed to point to another upstream. true or false (defaults to false)

You can create the example Ingress to test this:

bash-3.2$less ingress.yaml
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:name: nginx-testannotations:nginx.ingress.kubernetes.io/affinity: "cookie"nginx.ingress.kubernetes.io/session-cookie-name: "route"nginx.ingress.kubernetes.io/session-cookie-expires: "172800"nginx.ingress.kubernetes.io/session-cookie-max-age: "172800"spec:rules:- host: stickyingress.example.comhttp:paths:- backend:serviceName: http-svcservicePort: 80path: /bash-3.2$kubectl create -f ingress.yaml

验证

You can confirm that the Ingress works:

$ kubectl describe ing nginx-test
Name:           nginx-test
Namespace:      default
Address:
Default backend:    default-http-backend:80 (10.180.0.4:8080,10.240.0.2:8080)
Rules:Host                          Path    Backends----                          ----    --------stickyingress.example.com/        nginx-service:80 (<none>)
Annotations:affinity: cookiesession-cookie-name:      INGRESSCOOKIEsession-cookie-expires: 172800session-cookie-max-age: 172800
Events:FirstSeen LastSeen    Count   From                SubObjectPath   Type        Reason  Message--------- --------    -----   ----                -------------   --------    ------  -------7s        7s      1   {nginx-ingress-controller }         Normal      CREATE  default/nginx-test$ curl -I http://stickyingress.example.com
HTTP/1.1 200 OK
Server: nginx/1.11.9
Date: Fri, 10 Feb 2017 14:11:12 GMT
Content-Type: text/html
Content-Length: 612
Connection: keep-alive
Set-Cookie: INGRESSCOOKIE=a9907b79b248140b56bb13723f72b67697baac3d; Expires=Sun, 12-Feb-17 14:11:12 GMT; Max-Age=172800; Path=/; HttpOnly
Last-Modified: Tue, 24 Jan 2017 14:02:19 GMT
ETag: "58875e6b-264"
Accept-Ranges: bytes

traefik Controller

https://docs.traefik.io/routing/providers/kubernetes-ingress/

kind: Ingress
apiVersion: networking.k8s.io/v1beta1
metadata:name: myingressannotations:traefik.ingress.kubernetes.io/service.sticky.cookie: "true"traefik.ingress.kubernetes.io/service.sticky.cookie.name: foobarspec:rules:- host: example.comhttp:paths:- path: /barbackend:serviceName: whoamiservicePort: 80- path: /foobackend:serviceName: whoamiservicePort: 80
  相关解决方案