tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: jk load balancing based upon ip address rather than session id
Date Thu, 12 Jun 2008 23:01:32 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Simon,

Simon Papillon wrote:
| Forgive me if I'm overlooking something, but as far as I understand
| it, the sticky session mechanism is driven off the JSESSIONID that is
| assigned by the tomcat container when a client first makes a request
| that instigates a session creation, if no JSESSIONID cookie was sent
| as part of the request the node is chosen according to the
| worker.loadbalancer.method (Request, Session, Traffic, Busyness i
| think Request is the default).

I'm a little unclear on the details within mod_jk, but yes, that's the idea.

| Once a JSESSIONID has been set by a
| container  the load balancer will then attach the JVMRoute onto the
| end which will then be used by the jk load balancer in future requests
| to determine the node to use to service the request.  e.g. if I have
| three nodes (tomcatA, tomcatB, tomcatC) I could have the following
| scenario...
|
| child.first-domain.com : JSESSIONID =
D75AA77AC6FBF43F2C2DDC195DDA6D44.tomcatC
| doctor.second-domain.com : JSESSIONID =
5D211C177DFB064DEF731832CF07D693.tomcatA
| nurse.third-domain.co.uk : JSESSIONID =
E1EC672CAAA3F2F8348C2A23991DF46B.tomcatB

Hmm... I'm beginning to see the problem. That wasn't entirely clear from
your original post.

Since you want to use SSO, I'm assuming that you are running all three
(or more) applications in the same instance of Tomcat, even though there
are multiple instances of Tomcat at work (on separate servers, presumably).

The first request to each of these domain names does not include a
cookie because the domains do not match. Each initial request to the
distinct domains causes a fresh random choice amongst the servers, so
you are not likely to get lucky and have all your initial requests
randomly end up at the same server, and therefore SSO fails. :(

| Let me know if I'm misunderstanding some fundermental way in which the
| jk load balancer works, or if I'm not explaing myself well,

No, you were right... I just wasn't understanding your initial question.

So, really, it's not that you want to "load balance" based upon IP
address... you really want to predictably choose a member of the server
farm based upon some knowledge of the client such that, regardless of
the domain name used, the initial request (and therefore all the rest)
go to a particular member.

You may be able to do this, but you'll certainly have to hack mod_jk in
order to do it.

I believe there is a method in mod_jk that chooses the jvmRoute for the
first (JSESSIONID-less) request. If you were to modify that algorithm,
you could achieve your goal, here. I'm a little worried that you might
implement a fragile algorithm, though, and end up with an unbalanced
load balancer.

Do you have options other than using SSO?

Come to think of it... how does SSO work when you switch domains with
even a single server -- that is, without load balancing in the mix? I
would expect that, since you are switching domains, your browser would
not send a JSESSIONID cookie to the server, and thus you would not be
recognized as having an existing session.

??!

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkhRqswACgkQ9CaO5/Lv0PDukQCeMKv8qpvuvKsag1AMLWqsaNSV
GA4An19MrUrE/FPRTGMpWvNSLgF5Zs3K
=n6yV
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message