Configure session persistence - Server Load Balancer - Alibaba Cloud Documentation Center

Some applications need to maintain persistence with user sessions to protect user data, such as shopping carts, logon information, user preference, and games. If requests from the same client are distributed to different servers, user data may be lost. This compromises user experience. After you enable session persistence for your Application Load Balancer (ALB) instance, requests from the same client are forwarded to the same backend server to ensure data consistency and improve user experience.

Background information

By default, ALB distributes requests to different backend servers. After you enable the session persistence feature, requests from the same client are forwarded to the same backend server. This allows the backend server to maintain status information and provide continuous service to the client.

Session persistence disabled: Requests from the same client may be distributed to different backend servers of ALB. In some scenarios, such as scenarios in which you log on to a backend server to obtain interaction information, you may need to log on to the backend server multiple times.
Session persistence enabled: Requests from the same client are distributed to the same backend server of ALB. In some scenarios, such as scenarios in which you log on to a backend server to obtain interaction information, you do not need to log on to the backend server multiple times.

To enable session persistence for your ALB instance, you must select a method to manage cookies. The following methods are supported:

Insert cookies: ALB inserts the SERVERID and SERVERCORSID cookies into the first response that is sent to a client. The SERVERCORSID cookie is generated based on the SERVERID cookie and has the samesite=None attribute. Subsequent requests from the client carry the cookies, and ALB forwards the requests to the recorded backend server.
Note
If session persistence is enabled, SameSite=None is automatically configured for cookies. You do not need to manually configure the attribute. This allows browsers to save cookies when cross-origin resource sharing (CORS) is configured in the forwarding rules of ALB.
Rewrite cookies: When ALB detects a user-defined cookie, ALB rewrites the original cookie with the user-defined cookie. Subsequent requests from the client carry the user-defined cookie, and ALB forwards the requests to the recorded backend server.

Limits

If you use a server group of the Function Compute type, you do not need to configure session persistence. For more information, see Create a server group.

Prerequisites

An Internet-facing ALB instance is created and running. For more information, see Create an ALB instance.
A server group of the Function Compute or IP type is created. For more information, see Create a server group.
Two Elastic Compute Service (ECS) instances named ECS01 and ECS02 are specified as backend servers to receive requests. Different backend services are deployed on ECS01 and ECS02. Requests to ECS01 and ECS02 receive different responses. For example, ECS01 returns "Hello World ! This is ECS01", and ECS02 returns "Hello World ! This is ECS02". Make sure that the security groups of the ECS instances allow requests to the ports used by the backend services.
ECS01 and ECS02 are added to the server group. For more information, see Add backend servers.
A listener is created for the ALB instance. For more information, see Add an HTTP listener, Add an HTTPS listener, and Add a QUIC listener.

Step 1: Configure session persistence for the ALB instance

Log on to the ALB console.
In the top navigation bar, select the region where you want to create a server group.
In the left-side navigation pane, choose ALB > Server Groups.
On the Server Groups page, find the server group that you want to manage and click Modify Basic Information in the Actions column.
In the Modify Basic Information dialog box, turn on Session Persistence.
Session Persistence: Turn on Session Persistence and configure the Cookie Persistence parameter.
- If you select Insert Cookie, configure the Session Persistence Timeout Period parameter and click Save.
- If you select Rewrite Cookie, configure the Cookie Name parameter and click Save.
  In this example, the cookie is named BACKEND_SERVER. You can specify a name based on your business requirements.

(Optional) Step 2: Configure cookies for backend servers

If you enable session persistence and set the cookie option to Rewrite Cookie, you must configure cookies for the backend servers.

Remotely log on to the ECS instance. For more information, see Connect to an ECS instance.
Configure cookies for your web servers.
Note
The method used to configure cookies varies based on the type of web server. The following procedure shows how to configure cookies on commonly used web servers. If you use a different web server, refer to the user guide of the web server.
Nginx
In this example, the CentOS 7.9 operating system and NGINX 1.20.1 are used. Adjust the configurations based on the environment that you use.
1. Modify and save the NGINX configuration file. The following code block shows an example. Run the nginx -t command to query the path of the configuration file. In most cases, the path of the configuration file is /etc/nginx/nginx.conf. The path may vary based on the environment that you use.
```
http {
  # ...
  server {
    listen       80;
    # Set BACKEND_SERVER to the cookie name used to rewrite cookies. Set value to a custom string. 
    add_header Set-Cookie "BACKEND_SERVER=value";
    # ...
  }
}
```
2. Run the following command to reload the NGINX configuration file:
```
sudo nginx -s reload
```
Apache
In this example, the CentOS 7.9 operating system and Apache 2.4.6 are used. Adjust the configurations based on the environment that you use.
1. Modify and save the Apache configuration file. The following code block shows an example. The default path of the configuration file is /etc/httpd/conf/httpd.conf. The path may vary based on the environment that you use.
```
# ...
Listen 80
# Set BACKEND_SERVER to the cookie name used to rewrite cookies. Set value to a custom string. 
Header always set Set-Cookie "BACKEND_SERVER=value"
# ...
```
2. Run the following command to reload the Apache configuration file for the settings to take effect:
```
 sudo systemctl reload httpd.service
```
Repeat the preceding steps to modify the configurations of other backend servers in the server group.

Step 3: Test whether session persistence takes effect

Log on to the ALB console.
In the top navigation bar, select the region in which the ALB instance is deployed. Copy the domain name of the ALB instance that you want to manage.
Visit the domain name from your browser and refresh the page to test whether the same server is accessed.
For example, your first request is sent to ECS01. Refresh the page to test whether subsequent requests are also sent to ECS01.
If your requests are distributed between ECS01 and ECS02, session persistence fails. Check the session persistence configurations and try again.

References

If a problem persists, see FAQ about ALB.
If a health check issue persists, see Troubleshoot ALB health check issues.