Load Balancing FAQ Session Hold-sticky session (Sticky Sessions)

Source: Internet
Author: User
Tags http cookie

Session retention is one of the most common problems in load balancing and is a relatively complex issue.

Session hold is sometimes called sticky session (Sticky Sessions).

Before we introduce session-keeping techniques, we have to take some time to figure out the concepts: what is a connection (Connection), what is a session, and the difference between the two. In particular, if we are just talking about load balancing, sessions and connections often have the same meaning.

From a simple point of view,

If the user needs to log in, then it can be simply understood as the session;

If you do not need to log in, it is the connection.

In fact, the basic function of the session retention mechanism and load balancing is completely contradictory. Load balancing expects future connections from clients, requests to be balanced forward to multiple servers on the backend, to avoid excessive load on a single server, while session retention mechanisms require that some requests be forwarded to the same server for processing. Therefore, in the actual deployment environment, we should choose the appropriate session retention mechanism according to the characteristics of the application environment.

Fundamentals of original Load Balancing

For packets in the same connection, load balancing will be NAT-converted and forwarded to the back-end fixed server for processing, which is the most basic and primitive function of load balancing. Within the load balancer system, there is a special table that records the status of these connections, including: [Source IP: Port], [Destination IP: port], [Server IP: port], idle timeout time (idle timeout), and so on.

Because the load Balancer internal record connection state of this table needs to consume the system's memory resources, therefore, this table can not be infinite, all manufacturers will have a certain limit. The size of this table is generally referred to as the maximum number of concurrent connections, that is, the number of connections that the system can accommodate. Given that there are some exceptions to the clients or servers that make these connections, and that these connections cannot be properly terminated, the load-balanced current connection state table entry has designed an idle timeout parameter. This parameter is defined as load Balancing automatically deletes the connection entry and frees system resources when there is no traffic passing through the connection for a certain amount of time.

After reading this text, it should be able to understand why load-balanced hardware equipment development speed, can not be compared with the development of software. Because this hardware development speed, compared with the development speed of the server ....

After you have a session, there are problems with the original load balancer, and common exception scenarios include:

1. The client entered the correct user name and password, but repeatedly jumped to the login page;

2. The user has entered the correct verification code, but the general prompt verification code error;

3. Loss of items placed in the shopping basket by the client

4 .....

Therefore, the significance of the session retention mechanism is to ensure that requests from the same client are forwarded to the same server on the backend for processing. In other words, multiple connections established between the client and the server are sent to the same server for processing. If a load balancing device is deployed between the client and the server, it is likely that multiple connections will be forwarded to different servers for processing. If there is no synchronization of session information between the servers, the user identity is not recognized by other servers, causing the user to have an exception when interacting with the application system.

In most e-commerce application systems or online systems that require user authentication, a client and server often undergo several interactive processes to complete a transaction or a request is completed? Because these interactions are closely related, the server is doing an interactive step of these interactions, Often need to understand the results of the last interaction process, or the results of the interaction process in the last few steps, the server to do the next step requires that all of these related interactions are done by a single server, and not be distributed to different servers by the load balancer?

This series of related interactions may be completed by multiple sessions of a client to a server connection, or multiple sessions in several different connections between the client and server. Multiple sessions of different connections, the most typical example being HTTP-based access, a client completing a transaction may require multiple clicks , and a new click generates a request that might reuse the connection that was established on the last click, or it could be a new connection?

Session hold means that there is a mechanism on the load balancer that can identify the connection between the client and the server, and also ensure that a series of related access requests are kept on a single server while the load is balanced.

Simple Session hold

A simple session hold is also known as a session hold based on the source address, also called an IP-based session hold, which is the basis on which the load balancer determines the connected session based on the source address of the access request when it is being load balanced? All access requests from the same IP address are kept on a single server when they are being loaded? The "Same IP address" can be distinguished by a netmask on the BIGIP device, such as a network mask that can be 255.255.255.0 through the IP address 192.168.1.1, so long as it comes from 192.168.1.0/ 24 Traffic BigIP of this segment can assume that they are from the same user, so that the traffic session from the 192.168.1.0/24 segment will be kept to a specific server?

Another important parameter in the simple session hold is the connection timeout, which sets a time value for each session-BIGIP conversation, and if the interval is less than the timeout value, the BIGIP will hold the new connection for the duration of the session until the session is completed. But if this interval is greater than the timeout value, BIGIP will consider the new connection to be a new session and then load balance it?

Note: Session hold time and connection hold time are different

Simple sessions are easy to implement, and can be achieved with information based on the three-tier four layer of the packet, which is more efficient.

F5 Support for session retention

F5 BIGIP supports a variety of session retention methods, including: Simple session hold (source address session hold)? Session hold for HTTP header, session hold based on SSL session ID, i-rules session hold, and session hold based on HTTP Cookie, and session hold based on SIP ID and cache device, but often simple session hold, HTTP Session hold for header and HTTP cookie session retention and I-rules-based session retention?

Nginx support for simple session retention

Ip_hash
Each request is allocated according to the hash result of the access IP, so that each visitor has fixed access to a back-end server that resolves the session issue.
For example:
Upstream Bakend {
Ip_hash;
Server 192.168.0.14:88;
Server 192.168.0.15:80;
}

The problem with a simple session is that when multiple clients access the server through proxy or address translation, they are assigned to the same server, causing a serious load imbalance between the servers. In another case, the number of clients is small, but each client generates multiple concurrent accesses. For these mandatory accesses also require a load balancer to be assigned to multiple server, then the client source address-based session retention method will also cause load balancer failure? This time, you have to consider other ways to maintain the session, such as session.

If the use of hardware as a load balancer device, if you encounter some special circumstances, need to personalize, in fact, is very difficult and challenging, and more time, in fact, this is fundamentally out of the way, if the use of software, such as Nginx or Apache, we can make a certain degree of customization, Meet the business requirements as much as possible.

Some other ways to keep the session

Use the database to hold the session

Session information is stored in a database table, which enables the sharing of session information between different application servers.

1. Suitable for sites with little database access

Advantages: Simple Implementation
Cons: Because database servers are more difficult to scale than application servers and resources are more valuable, the biggest performance bottleneck in high-concurrency Web applications is usually the database server. Therefore, if the session is stored in a database table, frequent database operations can affect the business.

Use file system to store session

Through the file system (such as NFS) to achieve the session sharing between the servers, each server only need mount shared server storage session disk, the implementation is relatively simple. However, the performance of NFS for high concurrency reads and writes is not high, there are large bottlenecks in hard disk I/O performance and network bandwidth, especially for the frequent read and write operations of small files such as session.

Suitable for sites with a small amount of concurrency.

session sharing based on browser Cookie
This scheme stores user-related session information in the browser's cookie, also known as the client session.
A scheme that uses flash cookies and URL rewriting to pass session information can also be categorized as such.
Disadvantage: can only store string, numeric and other basic types of data, cookie size limitations, security, bandwidth and data decompression, network transmission performance problems.

Session based on memcached storage

The use of Memcached to save session data, directly through the memory of the way, the efficiency can naturally improve a lot. The read and write speed is much faster than the files, and it is convenient to have multiple servers sharing the session, which is configured to use the same set of memcached servers, which reduces the additional effort.
Cons: The session data is stored in memory and, once down, the data will be lost. However, the session data is not a serious problem. If the site visits are too large, too many sessions, memcached will remove the infrequently used parts, but if the user is isolated for a period of time to continue to use, has been all messed up.


Load Balancing FAQ Session Hold-sticky session (Sticky Sessions)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.