Hi All, Is nginx already supported session keeping? For example I have nginx load balancer in front Then I have 2 webservers as backend server A & B When I tried to login maybe i've logged in in server A, but when the load balancer move me to server B, my status is not logged in Which module that I can use for this issue? Regards, Glen Lumanau
on 2008-10-22 07:47
on 2008-10-22 07:54
use central session management. it's much better (in my opinion) than relying on sticky sessions / webservers / load balancers / etc. use a database, or msession, or some other distributed session store
on 2008-10-22 07:56
if using database, it will make my database server overload i tought. Or maybe it's better to use ip_hash module?
on 2008-10-22 08:02
depends on your visitor count, architecture, etc, etc. you can also put in a cache like memcached in as well, there's a lot of things you can do.
on 2008-10-22 08:23
On Tue, 21 Oct 2008 22:56:57 -0700, mike <email@example.com> wrote: > depends on your visitor count, architecture, etc, etc. you can also > put in a cache like memcached in as well, there's a lot of things you > can do. > Or encode the session data in the cookie value, like the Rails guys do
on 2008-10-22 12:36
eh, depending on what you're storing couldn't it hit the RFC cookie limit pretty easily? i suppose it has some sort of key and expiry in it so people can't spoof alternate expiry times etc.
on 2008-10-22 13:15
> eh, depending on what you're storing couldn't it hit the RFC cookie > limit pretty easily? The only piece of data you would need is the user id. Everything else can be deduced from that. > i suppose it has some sort of key and expiry in it so people can't > spoof alternate expiry times etc. Not really sure, haven't used it in production and I'm not working with rails at the moment. You make a good point thou, you probably need two things, the user id, and an expiry time encoded in the cookies value. Cheers Dave
on 2008-10-22 17:12
session keeping? maybe config with ip_hash can help you to do this job. and the document http://wiki.codemongers.com/NginxHttpUpstreamModule
on 2008-10-22 21:38
On Wed, Oct 22, 2008 at 4:08 AM, Dave Cheney <firstname.lastname@example.org> wrote: >> eh, depending on what you're storing couldn't it hit the RFC cookie >> limit pretty easily? > > The only piece of data you would need is the user id. Everything else can be > deduced from that. not really saving much database load there then :P