we want to use a F5 loadbalancer in front of two nginx instances, which
balance the load to our app-nodes.
The F5 loadbalancer distributes incoming requests via round-robin
algorithm
to the two nginx instances.
The nginx instances should be configured to use ip_hash to distribute
the
requests to the addnodes ensuring sticky sessions. Specific customer
requirements make the use of cookies to ensure sticky sessions
impossible.
I understand, that all nginx instances use the same function to hash the
IP
adress. But i am not sure if the distribution of the hash values to the
appnodes happens in a consistent way.
I came across the following discussion on github which indicates that
the
same IP address may be forwarded to different appnodes in the scenario
described above:
Long story short / tl;dr:
Will different nginx instances forward requests from the same IP always
to
the same appnode when using ip_hash as a load balancing method?
we want to use a F5 loadbalancer in front of two nginx instances,
which balance the load to our app-nodes.
Why not cut out the F5, use stream to balance between the same
instance(s)
(loop back) with either a single server block and loadbalanced upstream
or
split up, which ever works best / more consistent in load distribution.
nginx is by default a better loadbalancer then a F5, but that’s a
personal
opinion.
On Thu, May 21, 2015 at 12:14:36PM -0400, s_n wrote:
requirements make the use of cookies to ensure sticky sessions impossible.
Long story short / tl;dr:
Will different nginx instances forward requests from the same IP always to
the same appnode when using ip_hash as a load balancing method?
As long as you use identical lists of servers in the upstream{}
blocks on your nginx instances, balancing on instances should be
identical.
Note though, that if an upstream server is considered down due to
errors, nginx will re-route requests to other servers, see Module ngx_http_upstream_module.
And since different instances (and even different worker processes)
may see different errors, this re-routing may be different.
That is, ip_hash balancing method does not guarantee that all
requests from a specific IP address will be routed to a given
upstream server. Rather, it’s a method to minimize (but not to
eliminate) migration of users between upstream servers. Obviously
enough, it’s not possible to completely eliminate migration as
long as upstream servers may fail.