Versions Compared

Old Version 1

changes.mady.by.user James Wennmacher

Saved on

compared with

New Version Current

changes.mady.by.user Benito Gonzalez

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Adding warning about session collisions

...

Software-based Load Balancing

Apache Configuration

Nginx Configuration

Hardware-based Load Balancing

...

Load Balancing general guidelines

Warning
titleSession Collision Risk

It is critical to correctly configure the sticky session and user IPs to avoid session collisions.

Session IDs are generated by combining the requester's IP and a small
random number. The design assumes that each user has a unique IP and the
random bits are there to distinguish between tabs/windows from the client.

If Tomcat receives the load-balancer IP for every client, the clients will share sessions and see other client's data!

Sticky Sessions

uPortal significantly caches data for a user session.  For best performance a user must maintain a persistent connection with the same server for the duration of their session.  This is often called sticky session.

  • Some users have had problems using a load-balancer-assigned cookie and trying to use it for request routing.  One approach that works well is to route based on the JSESSIONID cookie assigned by Tomcat.

Logging User IPs instead of Load Balancer IPs

One issue that may arise when configuring a load-balanced uPortal service is logs filled with the load balancer IPs. This is frustrating in that logs lose important, valuable information. This can be corrected if the load balancer has a mechanism to add the user's remote IP in a header. The header 'X-Forwarded-For' header is commonly used for this purpose. Once the load balancer is configured to add this header, Apache http can use a module or Tomcat can use a Valve to replace the IP address with the value of this header.

Code Block
languagexml
     <Valve className="org.apache.catalina.valves.RemoteIpValve"
               internalProxies="169\.236\.45\.28, 169\.236\.89\.28"
               remoteIpHeader="x-forwarded-for"
               remoteIpProxiesHeader="X-Forwarded-For"
               protocolHeader="x-forwarded-proto" />

In the example above, the load balancers have IPs of 169.236.45.28 and 169.236.89.28. 

Apache httpd - See https://httpd.apache.org/docs/current/mod/mod_remoteip.html.

Tomcat - See https://tomcat.apache.org/tomcat-7.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html or https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve.

Load Distribution

There are a number of algorithms for load distribution, none of them perfect.  Refer to your load balancer documentation for supported methods and additional guidance, including using pool groups (clusters at different data centers, for example) or weighting multiple factors.  

...