Closed aczarnecki closed 7 years ago
Probably found the reason. This part of the code should set cookie in the route:
backend_route = ["server %s %s" % (route["container_name"], address)]
if is_sticky:
backend_route.append("cookie %s" % route["container_name"])
This is the log from HA Proxy (see that there is no cookie in the route, changed Cookie configuration to JSESSIONID prefix nocache).
INFO:haproxy:dockercloud/haproxy 1.6.6 is running outside Docker Cloud
INFO:haproxy:Haproxy is running in SwarmMode, loading HAProxy definition through docker api
INFO:haproxy:dockercloud/haproxy PID: 5
INFO:haproxy:=> Add task: Initial start - Swarm Mode
INFO:haproxy:=> Executing task: Initial start - Swarm Mode
INFO:haproxy:==========BEGIN==========
INFO:haproxy:Linked service: is_ab
INFO:haproxy:Linked container: is_ab.0.owaxrk15a6ffknchdbijku49w, is_ab.0.prqhwspig9djsfld13yuo2mab
INFO:haproxy:HAProxy configuration:
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
log-send-hostname
maxconn 4096
pidfile /var/run/haproxy.pid
user haproxy
group haproxy
daemon
stats socket /var/run/haproxy.stats level admin
ssl-default-bind-options no-sslv3
ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:DHE-DSS-AES128-SHA:DES-CBC3-SHA
defaults
balance roundrobin
log global
mode http
option redispatch
option httplog
option dontlognull
option forwardfor
timeout connect 5000
timeout client 50000
timeout server 50000
listen stats
bind :1936
mode http
stats enable
timeout connect 10s
timeout client 1m
timeout server 1m
stats hide-version
stats realm Haproxy\ Statistics
stats uri /
stats auth stats:stats
listen port_8080
bind :8080
mode tcp
server is_ab.0.prqhwspig9djsfld13yuo2mab 10.0.4.4:8080 check inter 2000 rise 2 fall 3
server is_ab.0.owaxrk15a6ffknchdbijku49w 10.0.4.3:8080 check inter 2000 rise 2 fall 3
backend SERVICE_is_ab
cookie JSESSIONID prefix nocache
INFO:haproxy:Launching HAProxy
INFO:haproxy:HAProxy has been launched(PID: 11)
INFO:haproxy:===========END===========
Ok, resolved this by switching to http (instead of tcp). Is there a way to do this in tcp?
@aczarnecki both session and cookie are only applicable to the application layer of the network mode, namely HTTP. TCP itself doesn't understand the those settings, I think.
Hi,
so I tried to use haproxy for ensuring session stickiness in AWS running Docker Swarm. The call flow is as follows: AWS ELB -> Docker -> haproxy -> worker
The error I can't see any Cookie being set, and the session is not sticky at all. I'll remain in the same session, but if I leave it for half a minute I'll get another one. (I'm in the same session until tomcat close the connection or at least that what it seems like).
Additionally I can't reuse a Cookie already containing session ID like AWSALB set by AWS.
When I balance it with "source" it sticks to the same session, but at least for this solution I'm stuck with using the same server over and over again for all users.
Session stickiness is turned on in ELB, haproxy is configured like this (on manager node):
And the worker node (tomcat):
docker info:
I'm using dockercloud/haproxy in version 1.6.6.