Glen_L
October 22, 2008, 7:47am
1
Hi All,
Is nginx already supported session keeping?
For example
I have nginx load balancer in front
Then I have 2 webservers as backend server A & B
When I tried to login maybe i’ve logged in in server A, but when the
load
balancer move me to server B, my status is not logged in
Which module that I can use for this issue?
Regards,
Glen L.
Glen_L
October 22, 2008, 7:54am
2
use central session management. it’s much better (in my opinion) than
relying on sticky sessions / webservers / load balancers / etc.
use a database, or msession, or some other distributed session store
Glen_L
October 22, 2008, 7:56am
3
if using database, it will make my database server overload i tought.
Or maybe it’s better to use ip_hash module?
Glen_L
October 22, 2008, 8:02am
4
depends on your visitor count, architecture, etc, etc. you can also
put in a cache like memcached in as well, there’s a lot of things you
can do.
Glen_L
October 22, 2008, 8:23am
5
On Tue, 21 Oct 2008 22:56:57 -0700, mike [email protected] wrote:
depends on your visitor count, architecture, etc, etc. you can also
put in a cache like memcached in as well, there’s a lot of things you
can do.
Or encode the session data in the cookie value, like the Rails guys do
Glen_L
October 22, 2008, 1:15pm
6
eh, depending on what you’re storing couldn’t it hit the RFC cookie
limit pretty easily?
The only piece of data you would need is the user id. Everything else
can be deduced from that.
i suppose it has some sort of key and expiry in it so people can’t
spoof alternate expiry times etc.
Not really sure, haven’t used it in production and I’m not working
with rails at the moment. You make a good point thou, you probably
need two things, the user id, and an expiry time encoded in the
cookies value.
Cheers
Dave
Glen_L
October 22, 2008, 12:36pm
7
eh, depending on what you’re storing couldn’t it hit the RFC cookie
limit pretty easily?
i suppose it has some sort of key and expiry in it so people can’t
spoof alternate expiry times etc.
Glen_L
October 22, 2008, 9:38pm
8
On Wed, Oct 22, 2008 at 4:08 AM, Dave C. [email protected] wrote:
eh, depending on what you’re storing couldn’t it hit the RFC cookie
limit pretty easily?
The only piece of data you would need is the user id. Everything else can be
deduced from that.
not really saving much database load there then
Glen_L
October 22, 2008, 5:12pm
9
session keeping?
maybe config with ip_hash can help you to do this job.
and the document http://wiki.codemongers.com/NginxHttpUpstreamModule