|
| 1 | +--- |
| 2 | +title: Session affinity overview for Azure Application Gateway for Containers |
| 3 | +description: Learn how to configure session affinity for Azure Application Gateway for Containers. |
| 4 | +services: application gateway |
| 5 | +author: greg-lindsay |
| 6 | +ms.service: application-gateway |
| 7 | +ms.subservice: appgw-for-containers |
| 8 | +ms.topic: conceptual |
| 9 | +ms.date: 10/02/2023 |
| 10 | +ms.author: greglin |
| 11 | +--- |
| 12 | + |
| 13 | +# Application Gateway for Containers session affinity overview |
| 14 | + |
| 15 | +Session affinity, also known as *session persistence* or *sticky sessions*, is a technique used in load balancing to ensure a client's requests are always sent to the same server. This is important for applications that store user data in session variables or in a local cache on a particular server (commonly referred to as a stateful application). |
| 16 | + |
| 17 | +With session affinity, Application Gateway for Containers presents a cookie in the **Set-Cookie** header of the first response. If the client presents the cookie in future requests, Application Gateway for Containers recognizes the cookie and forwards traffic to the same backend target. See the following example scenario: |
| 18 | + |
| 19 | +  |
| 20 | + |
| 21 | +The following steps are depicted in the previous diagram: |
| 22 | +1. A client initiates a request to an Application Gateway for Containers' (AGC) frontend |
| 23 | +2. AGC selects one of the many available pods to load balance the request to. In this example, we assume Pod C is selected out of the four available pods. |
| 24 | +3. Pod C returns a response to AGC. |
| 25 | +4. In addition to the backend response from Pod C, AGC adds a Set-Cookie header containing a uniquely generated hash used for routing. |
| 26 | +5. The client sends another request to AGC along with the session affinity cookie set in the previous step. |
| 27 | +6. AGC detects the cookie and selects Pod C to serve the request. |
| 28 | +7. Pod C responds to AGC. |
| 29 | +8. AGC returns the response to the client |
| 30 | + |
| 31 | +## Usage details |
| 32 | + |
| 33 | +[Session affinity](api-specification-kubernetes.md#alb.networking.azure.io/v1.SessionAffinity) is defined by the following properties and characteristics: |
| 34 | + |
| 35 | +| Name | Description | |
| 36 | +| ---- | ----------- | |
| 37 | +| affinityType | Valid values are application-cookie or managed-cookie. | |
| 38 | +| cookieName | Required if affinityType is application-cookie. This is the name of the cookie. | |
| 39 | +| cookieDuration | Required if affinityType is application-cookie. This is the duration (lifetime) of the cookie in seconds. | |
| 40 | + |
| 41 | +In managed cookie affinity type, Application Gateway uses predefined values when the cookie is offered to the client. |
| 42 | +- The name of the cookie is: `AGCAffinity`. |
| 43 | +- The duration (lifetime) of the cookie is 86,400 seconds (one day). |
| 44 | +- The `cookieName` and `cookieDuration` properties and values are discarded. |
| 45 | + |
| 46 | +In application affinity type, the cookie name and duration (lifetime) must be explicitly defined. |
| 47 | + |
| 48 | +## How to configure session affinity |
| 49 | + |
| 50 | +# [Gateway API](#tab/session-affinity-gateway-api) |
| 51 | + |
| 52 | +Session affinity can be defined in a [RoutePolicy](api-specification-kubernetes.md#alb.networking.azure.io/v1.RoutePolicy) resource, which targets a defined HTTPRoute. You must specify `sessionAffinity` with an `affinityType` of either `application-cookie` or `managed-cookie`. In this example, we use `application-cookie` as the affinityType and explicitly define a cookie name and lifetime. |
| 53 | + |
| 54 | +Example command to create a new RoutePolicy with a defined cookie called `nomnom` with a lifetime of 3,600 seconds (1 hour). |
| 55 | + |
| 56 | +```bash |
| 57 | +kubectl apply -f - <<EOF |
| 58 | +apiVersion: alb.networking.azure.io/v1 |
| 59 | +kind: RoutePolicy |
| 60 | +metadata: |
| 61 | + name: session-affinity-route-policy |
| 62 | +spec: |
| 63 | + targetRef: |
| 64 | + kind: HTTPRoute |
| 65 | + name: http-route |
| 66 | + namespace: test-infra |
| 67 | + group: "" |
| 68 | + default: |
| 69 | + sessionAffinity: |
| 70 | + affinityType: "application-cookie" |
| 71 | + cookieName: "nomnom" |
| 72 | + cookieDuration: 3600 |
| 73 | +EOF |
| 74 | +``` |
| 75 | + |
| 76 | +# [Ingress API](#tab/session-affinity-ingress-api) |
| 77 | + |
| 78 | +Session affinity can be defined in an [IngressExtension](api-specification-kubernetes.md#alb.networking.azure.io/v1.IngressExtensionSpec) resource. You must specify `sessionAffinity` with an `affinityType` of either `application-cookie` or `managed-cookie`. In this example, we use `application-cookie` as the affinityType and explicitly define a cookie name and lifetime. |
| 79 | + |
| 80 | +Example command to create a new IngressExtension with a defined cookie called `nomnom` with a lifetime of 3,600 seconds (1 hour). |
| 81 | + |
| 82 | +```bash |
| 83 | +kubectl apply -f - <<EOF |
| 84 | +apiVersion: alb.networking.azure.io/v1 |
| 85 | +kind: IngressExtension |
| 86 | +metadata: |
| 87 | + name: session-affinity-ingress-extension |
| 88 | + namespace: test-infra |
| 89 | +spec: |
| 90 | + backendSettings: |
| 91 | + - service: echo |
| 92 | + sessionAffinity: |
| 93 | + affinityType: "application-cookie" |
| 94 | + cookieName: "nomnom" |
| 95 | + cookieDuration: 3600 |
| 96 | +EOF |
| 97 | +``` |
| 98 | + |
| 99 | +--- |
0 commit comments