Nginx Add Sticky module-cookie hold session

The cookie differs from the session, one on the client and one on the server.

Environment Nginx 1.8.0

Centos6. X

sticky:1.2.5 wget https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/get/master.tar.gz

Cookie load balancing is more obvious than iphash compared to one of the features: the Equalization of the intranet NAT user. And Iphash can't do it.

Yum Install OpenSSL Openssl-devel

Stop the Nginx service first. Add a module to Nginx.

The same version of the Nginx package from the new unzip a copy out. Of course colleagues also talk about downloading the sticky module also extracted and from the name into Nginx-sticky-module

TAR-ZXF master.tar.gz

MV nginx-goodies-nginx-sticky-module-ng-c78b7dd79d0d Nginx-sticky-module

Killall Nginx

(If you want to see the version of sticky, you can view and change it in Changelog.txt)

To add a module:

My original Nginx installation path is:/usr/local/nginx (Add the module, the previous configuration and module also need to add) because these need to write to nginx this binary file.

See what modules were previously installed using/USR/LOCAL/NGINX/SBIN/NGINX-V (in uppercase V OH. The same as my name)

Compile the previous stay

./configure--user=www--group=www--prefix=/usr/local/nginx--with-http_stub_status_module--with-http_ssl_module- -add-module=/root/nginx-sticky-module

Because I had 2 modules before.

And then we make it just fine. The make install is not required, it is reinstalled.

After we compile, there will be a OBJS in the current directory, there is an nginx file, which is our make generated binary file, and then copy this file to/usr/local/nginx/sbin (previous Nginx best backup, in order to avoid error recovery)

At this point the Nginx add module succeeds. We can refer to the Nginx configuration file directly. Such as

Of course you can also set some parameters of sticky, such as sticky cache time, for example. Detailed here can be queried sticky unpacking the readme as follows

======================================== I paste it out ======================================== (the English Warrior is blessed)

Balancing system won ' t be fair.

Using a cookie to track the upstream server makes each browser unique.

When the sticky module can ' t apply, it switchs back to the classic Round Robin Upstream or returns a "bad Gateway" (Depend ing on the no_fallback flag).

Sticky module can ' t apply when the cookie is not supported by the browser

> Sticky module is based on a "best effort" algorithm. Its aim isn't to handle # Nginx Sticky Module

# Nginx Sticky Module

Modified and extended version; See Changelog.txt

# Description

A nginx module to add a sticky cookie to is always forwarded to the same upstream server.

When dealing with several backend servers, it's sometimes useful that one client (browser) are always served by the same BA Ckend Server (for session persistance for example).

Using a persistance by IP (with the Ip_hash upstream module) was maybe not a good idea because there could be situations wh Ere a lot of different browsers is coming with the same IP address (behind proxies) and the load balancing system won ' t is Fair.

Using a cookie to track the upstream server makes each browser unique.

When the sticky module can ' t apply, it switchs back to the classic Round Robin Upstream or returns a "bad Gateway" (Depend ing on the no_fallback flag).

Sticky module can ' t apply when the cookie is not supported by the browser

> Sticky module is based on a "best effort" algorithm. Its aim isn't to handle > security somehow. It ' s been made to ensure that normal users is always > redirected to the same backend Server:that ' s all!

# installation

You'll need to re-compile Nginx from the source to include the This module. Modify your compile of Nginx by adding the following directive (modified to suit your path of course):

./configure ...--add-module=/absolute/path/to/nginx-sticky-module-ng make do install

# Usage

upstream {sticky;       Server 127.0.0.1:9000;       Server 127.0.0.1:9001;     Server 127.0.0.1:9002; }

Sticky [Name=route] [Domain=.foo.bar] [path=/] [expires=1h] [HASH=INDEX|MD5|SHA1] [no_fallback] [secure] [HTTPO NLY];

-Name:the name of the cookies used to the persistant upstream SRV; Default:route

-domain:the domain in which the cookie would be valid default:nothing. Let the browser handle this.

-Path:the path in which the cookie would be valid default:/

-Expires:the validity duration of the cookie default:nothing.   It ' s a session cookie. Restriction:must be a duration greater than one second

-hash:the hash mechanism to encode upstream server.   It cant ' is used with HMAC. Default:md5

-Md5|sha1:well known Hash-index:it's not hashed, a in-memory index is used instead, it's quicker and the over Head is shorter warning:the matching against upstream servers list is inconsistent. So, at reload, if Upstreams servers have changed, index values is not guaranted to correspond to the same server A     S before! Use IT with CAUTION and only if you need to!

-Hmac:the HMAC hash mechanism to encode upstream server It's like the hash mechanism but it uses Hmac_key to Secure the hashing.     It can ' t be used with hash. Md5|sha1:well known hash default:none. See Hash.

-hmac_key:the key to use with HMAC. It's mandatory when the HMAC is set default:nothing.

-No_fallback:when This flag is set, Nginx would return a 502 (bad Gateway or Proxy Error) if a request come s with a cookie and the corresponding backend is unavailable.

-Secure enable secure cookies; Transferred only via https-httponly enable cookies is leaked via JS # Detail mechanism

-See Docs/sticky. {Vsd,pdf}

# Issues and Warnings:

-When using different upstream-configs with stickyness, the same domain but refer to different location-confi GS It might is wise to set a different path/route-option on each of the upstream-configs like described Here:htt Ps://bitbucket.org/nginx-goodies/nginx-sticky-module-ng/issue/7/leaving-cookie-path-empty-in-module

-Sticky module does not work with the "Backup" option of the "server" configuration item. -Sticky module might work with the Nginx_http_upstream_check_module (up to version 1.2.3)-sticky module may require t O Configure Nginx with SSL support (when using "secure" option)

# contributing

-Send/suggest patches as diffs-tickets and issues Here:https://bitbucket.org/nginx-goodies/nginx-sticky-sessio N-ng

# Downloads

# TODO

See TODO.MD

# Authors & Credits

-Jerome Loyet, initial Module-markus Linnala, Httponly/secure-cookies-patch-peter Bowey, Nginx 1.5.8 api-change-mic Hael Chernyak for Max-age-patch-anybody-suggested a Patch, created an issue on bitbucket or helped improving this MO Dule

# Copyright & License

This module is licenced under the BSD license.

Copyright (c) Jerome Loyet (Jerome at loyet dot net) Copyright (c) Markus Manzke (Goodman at Nginx-goodies D OT com)

Redistribution and use in source and binary forms, with or without modification, is permitted provided that the Follo Wing conditions is met:

1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following di Sclaimer.

2. redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following Disclaimer in the documentation and/or other materials provided with the distribution.

This software was provided by AUTHOR and CONTRIBUTORS "as is" and any EXPRESS OR implied warranties, including, but N  OT LIMITED to, the implied warranties of merchantability and FITNESS for A particular PURPOSE is disclaimed. In NO EVENT shall AUTHOR OR CONTRIBUTORS is liable for any DIRECT, INDIRECT, incidental, special, exemplary, or conseq Uential damages (including, but not LIMITED to, procurement of substitute GOODS OR SERVICES; LOSS of Use, DATA, OR profits; or business interruption) however caused and on any theory of liability, WHETHER in contract, STRICT liability, OR TORT (including negligence OR OTHERWISE) arising in any-out-of-the---the-software, even IF advised of the P Ossibility of SUCH DAMAGE.

Nginx Add Sticky module-cookie hold session