1. 技术文章
  2. Session Affinity Settings for multiple Pods exposed by a single service

Session Affinity Settings for multiple Pods exposed by a single service

感情迁移 提交于 2021-02-20 11:50:48

问题


I have a setup Metallb as LB with Nginx Ingress installed on K8S cluster. I have read about session affinity and its significance but so far I do not have a clear picture.

How can I create a single service exposing multiple pods of the same application? After creating the single service entry point, how to map the specific client IP to Pod abstracted by the service?

Is there any blog explaining this concept in terms of how the mapping between Client IP and POD is done in kubernetes?

But I do not see Client's IP in the YAML. Then, How is this service going to map the traffic to respective clients to its endpoints? this is the question I have.

kind: Service
apiVersion: v1
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
  - name: http
    protocol: TCP
    port: 80
    targetPort: 80
  sessionAffinity: ClientIP
  sessionAffinityConfig:
    clientIP:
      timeoutSeconds: 10000

回答1:


Main concept of Session Affinity is to redirect traffic from one client always to specific node. Please keep in mind that session affinity is a best-effort method and there are scenarios where it will fail due to pod restarts or network errors. There are two main types of Session Affinity:

1) Based on Client IP

This option works well for scenario where there is only one client per IP. In this method you don't need Ingress/Proxy between K8s services and client. Client IP should be static, because each time when client will change IP he will be redirected to another pod.

To enable the session affinity in kubernetes, we can add the following to the service definition.

service.spec.sessionAffinity: ClientIP

Because community provided proper manifest to use this method I will not duplicate.

2) Based on Cookies

It works when there are multiple clients from the same IP, because it´s stored at web browser level. This method require Ingress object. Steps to apply this method with more detailed information can be found here under Session affinity based on Cookie section.

  • Create NGINX controller deployment
  • Create NGINX service
  • Create Ingress
  • Redirect your public DNS name to the NGINX service public/external IP.

About mapping ClientIP and POD, according to Documentation kube-proxy is responsible for SessionAffinity. One of Kube-Proxy job is writing to IPtables, more details here so thats how it is mapped.

Articles which might help with understanding Session Affinity: https://sookocheff.com/post/kubernetes/building-stateful-services/ https://medium.com/@diegomrtnzg/redirect-your-users-to-the-same-pod-by-using-session-affinity-on-kubernetes-baebf6a1733b




回答2:


follow the service reference for session affinity

kind: Service
apiVersion: v1
metadata:
  name: my-service
spec:
  selector:
    app: my-app
  ports:
  - name: http
    protocol: TCP
    port: 80
    targetPort: 80
  sessionAffinity: ClientIP
  sessionAffinityConfig:
    clientIP:
      timeoutSeconds: 10000


来源:https://stackoverflow.com/questions/56323438/session-affinity-settings-for-multiple-pods-exposed-by-a-single-service

标签
Kubernetes
kubernetes-ingress
kubernetes-pod
kubernetes-service
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!