Shulou(Shulou.com)06/01 Report--

Session consistency solution, many novices are not very clear about this, in order to help you solve this problem, the following small series will explain in detail for everyone, there are people who need this can learn, I hope you can gain something.

What is a session?

The server creates a session for each user and stores information about the user so that multiple requests can locate the same context. This information is called a session. This way, variables stored in the session object are not lost when the user jumps between Web pages of the application, but persist throughout the user session.

Session is a supplement to http stateless protocol to achieve the purpose of state retention

What is Session Consistency?

Assuming that all user sessions containing login information are recorded on the first server, if the reverse proxy routes the request to another server, it may not find the relevant information, resulting in the user having to log in again.

Solution 1. Client saves cookies

Advantages:

Server does not need storage

Disadvantages:

Each http request carries a session, occupying network bandwidth.

Data is stored on the client and transmitted on the network, with potential safety hazards such as leakage and tampering.

The size of the data stored in the session is limited by cookies

Due to the continuous evolution of technology, there are three ways for clients to save cookies: full cookies, cookies to store sessionId and JWT. They have different advantages and disadvantages. You can click on another blog of the author to view related introductions.

Quick understanding of session management Three Musketeers cookies, sessions and JWT

2. session copy method

Thinking:

Multiple servers synchronize sessions with each other, so that each server contains all sessions.

Advantages:

Only configuration needs to be set, application does not need to modify code

Deficiencies:

Session synchronization requires data transmission, which takes up the bandwidth of the intranet and has delay.

All servers contain all session data, the amount of data is limited by the sever of the minimum memory, and the horizontal expansion ability is poor.

3. session center storage

Thinking:

Store sessions in a centralized cache on the server backend

Advantages:

have no security risk

Scalable horizontally, supporting cache clustering or horizontal scaling

Shortcomings:

Added a network call

Application code needs to be modified

4. session adhesion

Session adhesion: English original word is "Sticky Sessions"

Thinking:

How about a reverse proxy layer that keeps requests from the same user on a server?

Method 1: four-layer proxy hash. The reverse proxy layer uses user ip to hash to ensure that requests from the same ip fall on the same server (more recommended, to ensure that the transport layer does not introduce logic from the service layer).

Method 2: Seven-layer proxy hash. Reverse proxy uses some service attributes in http protocol to hash, such as sid, city_id, user_id, etc., which can implement hash policy more flexibly to ensure that the request of the same browser user falls on the same server.

Advantages:

Only nginx configuration needs to be changed, no application code needs to be modified

Support server horizontal expansion

Deficiencies:

Server horizontal expansion, re-distribution of session after rehash, some users will not be routed correctly session

Even if the hash is uniform, it cannot guarantee uniform load of the server.

Did reading the above help you? If you still want to have further understanding of related knowledge or read more related articles, please pay attention to the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.