Disable affinity for workloads hosted in Azure Container Apps

[BenjaminEngeset]

Existing rule

No response

Suggested rule

Azure Container Apps now supports session affinity, also known as sticky sessions.

This feature is in public preview.

Altrough this may be useful for stateful workloads, the Well-Architected Framework generally discourages affinity. Since PSRule for Azure should be aligned to WAF as close as possible, we should therefore recommend customers to disable affinity as it interfers.

Pillar

Performance Efficiency

Additional context

https://learn.microsoft.com/nb-no/azure/container-apps/sticky-sessions https://learn.microsoft.com/en-us/azure/templates/microsoft.app/containerapps#ingress

[BernieWhite]

@BenjaminEngeset I feel this rule should be actually to disable affinity instead of enable it as the WAF generally discourages affinity.

[BenjaminEngeset]

@BenjaminEngeset I feel this rule should be actually to disable affinity instead of enable it as the WAF generally discourages affinity.

@BernieWhite That was actually a good proposition, so where sticky is true, then emit fail as in making awareness for customers that affinity is not recommended. Do I understand you correctly? Which pillar do you think is most reasonable with this in mind?

[BernieWhite]

@BenjaminEngeset Correct. I think you suggestion of Performance Efficiency is correct because the general side effect that client affinity creates is unbalanced distribution of load. i.e. one instance is significantly more loaded then other instances, and the loaded instance performs poorly compared with other instances.

[BenjaminEngeset]

@BenjaminEngeset Correct. I think you suggestion of Performance Efficiency is correct because the general side effect that client affinity creates is unbalanced distribution of load. i.e. one instance is significantly more loaded then other instances, and the loaded instance performs poorly compared with other instances.

@BernieWhite Great! Thanks, then I know what to do.