Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix for #1930, make sessions sticky, for ingress with multiple rules … #2451

Merged
merged 1 commit into from
Jun 15, 2018
Merged

fix for #1930, make sessions sticky, for ingress with multiple rules … #2451

merged 1 commit into from
Jun 15, 2018

Conversation

nusx
Copy link
Contributor

@nusx nusx commented Apr 30, 2018

…and backends

  • for an ingress with session affinity cookie, set the location as path on the cookie when unique
  • the previous behaviour ( path=/ ) is preserved for ingresses with multiple rules for the same backend (locations not unique)

What this PR does / why we need it:
The current template generates upstreams without setting the path parameter on the sticky config. This leads to a new cookie beeing generated whenever the user requests a different path from the ingress. This change sets the path parameter whenever the backend contains only a single location. It falls back to the previous behaviour (not setting the path parameter) if multiple ingress rules exist for the same backend (leading to multiple locations for the backend).
Which issue this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #1930

Special notes for your reviewer:

@k8s-ci-robot k8s-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Apr 30, 2018
@k8s-ci-robot
Copy link
Contributor

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA.

It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@k8s-ci-robot k8s-ci-robot added the cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. label Apr 30, 2018
@nusx
Copy link
Contributor Author

nusx commented Apr 30, 2018

/check-cla

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. and removed cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. labels Apr 30, 2018
@nusx
Copy link
Contributor Author

nusx commented Apr 30, 2018

/assign @ingress-nginx-maintainers

@k8s-ci-robot
Copy link
Contributor

@nusx: GitHub didn't allow me to assign the following users: ingress-nginx-maintainers.

Note that only kubernetes members and repo collaborators can be assigned.

In response to this:

/assign @ingress-nginx-maintainers

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@nusx
Copy link
Contributor Author

nusx commented Apr 30, 2018

/assign @thockin

@codecov-io
Copy link

codecov-io commented Apr 30, 2018
edited
Loading

Codecov Report

Merging #2451 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #2451   +/-   ##
=======================================
  Coverage   40.68%   40.68%           
=======================================
  Files          75       75           
  Lines        5108     5108           
=======================================
  Hits         2078     2078           
  Misses       2751     2751           
  Partials      279      279

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f74d063...1a320ae. Read the comment docs.

@aledbf
Copy link
Member

aledbf commented Apr 30, 2018

@nusx please add e2e tests

antoineco
antoineco reviewed May 3, 2018
View reviewed changes
Copy link
Contributor

@antoineco antoineco left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

antoineco
antoineco reviewed May 3, 2018
View reviewed changes
rootfs/etc/nginx/template/nginx.tmpl Outdated
@@ -358,7 +358,7 @@ http {
{{ range $name, $upstream := $backends }}
{{ if eq $upstream.SessionAffinity.AffinityType "cookie" }}
upstream sticky-{{ $upstream.Name }} {
sticky hash={{ $upstream.SessionAffinity.CookieSessionAffinity.Hash }} name={{ $upstream.SessionAffinity.CookieSessionAffinity.Name }} httponly;
sticky hash={{ $upstream.SessionAffinity.CookieSessionAffinity.Hash }} name={{ $upstream.SessionAffinity.CookieSessionAffinity.Name }}{{ range $locationName, $locationPaths := $upstream.SessionAffinity.CookieSessionAffinity.Locations }}{{ if eq (len $locationPaths) 1 }}{{ range $locationPath := $locationPaths }} path={{ $locationPath }}{{ end }}{{ end }}{{ end}} httponly;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if eq (len $locationPaths) 1 }}{{ range $locationPath := $locationPaths }} why using a range if you expect a single element?

@k8s-ci-robot k8s-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels May 3, 2018
@nusx
Copy link
Contributor Author

nusx commented May 3, 2018

@aledbf added e2e tests and updated the template according to @antoineco s comment (now accessing the locationPaths array via index action).

@nusx
Copy link
Contributor Author

nusx commented May 7, 2018

/assign @aledbf

antoineco
antoineco reviewed Jun 10, 2018
View reviewed changes
rootfs/etc/nginx/template/nginx.tmpl
@@ -358,7 +358,7 @@ http {
{{ range $name, $upstream := $backends }}
{{ if eq $upstream.SessionAffinity.AffinityType "cookie" }}
upstream sticky-{{ $upstream.Name }} {
sticky hash={{ $upstream.SessionAffinity.CookieSessionAffinity.Hash }} name={{ $upstream.SessionAffinity.CookieSessionAffinity.Name }} httponly;
sticky hash={{ $upstream.SessionAffinity.CookieSessionAffinity.Hash }} name={{ $upstream.SessionAffinity.CookieSessionAffinity.Name }}{{if eq (len $upstream.SessionAffinity.CookieSessionAffinity.Locations) 1 }}{{ range $locationName, $locationPaths := $upstream.SessionAffinity.CookieSessionAffinity.Locations }}{{ if eq (len $locationPaths) 1 }} path={{ index $locationPaths 0 }}{{ end }}{{ end }}{{ end }} httponly;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As a bonus, you could wrap this logic inside a template function (see internal/ingress/controller/template/template.go) that receives a *ingress.CookieSessionAffinity and returns either path=/xyz; or nothing.
You can then call that function inside the template like {{ cookiepath $upstream.SessionAffinity.CookieSessionAffinity }}.

No hard feeling on my side though, the Go template language also does the trick here.

@antoineco
Copy link
Contributor

@nusx thanks for addressing the different comments, the tests look good to me 👍
Could you please fix the conflict on internal/file/bindata.go(just delete the file) so we can move on?

@nusx
Copy link
Contributor Author

nusx commented Jun 10, 2018

@antoineco updated the pull request (deleted bindata.go)

@aledbf
Copy link
Member

aledbf commented Jun 10, 2018

@nusx please squash the commits

@nusx nusx force-pushed the set-sticky-path-for-backend branch from 54a6985 to b08a178 Compare June 11, 2018 08:17
@k8s-ci-robot k8s-ci-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jun 11, 2018
@nusx
fix for kubernetes#1930, make sessions sticky, for ingress with multi…
1a320ae 
…ple rules and backends

* for an ingress with session affinity cookie, set the location as path on the cookie when unique
* the previous behaviour ( cookie path=/ ) is preserved for ingresses with multiple rules for the same backend (locations not unique)

added e2e tests for session affinity, setting path on sticky config

added tests:
* it should set the path to /something on the generated cookie
* it should set the path to / on the generated cookie if there's more than one rule referring to the same backend
@nusx nusx force-pushed the set-sticky-path-for-backend branch from b08a178 to 1a320ae Compare June 11, 2018 08:45
@k8s-ci-robot k8s-ci-robot removed the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Jun 11, 2018
@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Jun 11, 2018
@nusx
Copy link
Contributor Author

nusx commented Jun 13, 2018

@aledbf squashed the commits

@antoineco
Copy link
Contributor

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 13, 2018
@aledbf
Copy link
Member

aledbf commented Jun 15, 2018

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aledbf, antoineco, nusx

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 15, 2018
@aledbf
Copy link
Member

aledbf commented Jun 15, 2018

@nusx thanks!

@k8s-ci-robot k8s-ci-robot merged commit dfca2a0 into kubernetes:master Jun 15, 2018
@JrCs
Copy link

JrCs commented Jun 15, 2018

Sorry but is it not break if i have multiple path and want only ONE cookie hash for all ?

@antoineco
Copy link
Contributor

antoineco commented Jun 15, 2018
edited
Loading

Cookies are available to all subpaths, but not superpaths.

With this fix, next time you'll send a request to /myapp/myapi your sticky cookie will be created for the path /, making it available to all sublocations.

@ElvinEfendi ElvinEfendi mentioned this pull request Jun 18, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@antoineco antoineco antoineco left review comments

Assignees

@aledbf aledbf

@ElvinEfendi ElvinEfendi

@antoineco antoineco

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

if alternate access two ingress paths, the session can't keep sticky
8 participants
@nusx @k8s-ci-robot @codecov-io @aledbf @antoineco @JrCs @ElvinEfendi @thockin