Sticky Sessions in Traefik 2.1
As I move from Docker to Kubernetes, I am moving to use Traefik 2.1 for my ingress. I need sticky sessions to support some of my applications.
If you've tried looking through the documentation and searching the internet, there's not much on the latest version of Traefik. Currently that's 2.1. There's even less on the official documentation about using Kubernetes. Then even less on configuring sticky sessions. Which is really, really sad. Especially for a load balancer application where sticky sessions is a basic function. Anyways, that's my rant so far. Now to how to solve the problem.
Digging through the source code I found a sticky.cookie
element you can add to your route. There are 3 options:
Name | Purpose |
---|---|
httpOnly |
Adds the HttpOnly flag to the cookie |
name |
Sets the name of the cookie |
secure |
Makes the cookie only apply to https requests |
Now, I bet you're wondering where to put that. It goes on your IngressRoute in the route service. Here's a full example that uses a cookie named pester
to store the sticky data:
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: myingressroute
namespace: default
spec:
entryPoints:
- web
routes:
- match: PathPrefix(`/whoami`)
kind: Rule
services:
- name: whoami
port: 80
sticky:
cookie:
httpOnly: true
name: pester
Currently, it stores the IP address and port of the container connecting to. Which is sad. It would be nice to see them use a UUID or something unique instead or at least make that a configurable option. Security guys don't seem to like IP's being disclosed to the public.
If you want to go dumpster diving through the code to figure out anything else about sticky sessions, the file that it's stored in is at https://github.com/containous/traefik/blob/v2.1/pkg/server/service/loadbalancer/wrr/wrr.go.
I hope this helps someone, because it sure would have been nice to have a plain, simple, basic example.