I have a problem with my load balancer setup where it always redirect most traffic (like 99%) to one pod. Basically the infrastrucure shown on diagram below. The objective is I need sticky session to be enabled, whether on nginx or Google load balancer, and my traffic is distributed equally to available pods.
<https://lh3.googleusercontent.com/-NGGZcSCaiQw/WqtbYFep2uI/AAAAAAAAKTc/zN_46UYlj4MqsezeJXYabI5QVo-1DH-OgCLcBGAs/s1600/Screenshot%2Bfrom%2B2018-03-16%2B16-51-16.png> Briefly, I have 2 RCs and 2 Services in my cluster. 1 pod of nginx served behind a Google Loadbalancer (nginx-lb) and another load balancer (app-lb) to balance traffic to 2 app pods. Here's what I thought of the config: - nginx-lb: I set the nginx-lb to sessionAffinity: None and externalTrafficPolicy: Local because I am thinking I don't need sticky session at this point, but I do need to pass through user's IP [1]. At this point all incoming traffic will be treated the same but we are trying to preserve user's IP by setting externalTrafficPolicy: Local. - nginx: The nginx itself has enabled ngx_http_realip_module [2] to keep user's IP forwarded but I did not use ip_hash as I am still thinking we don't need sticky session here yet. Again, just like nginx-lb I am trying to pass all incoming traffic but preserve user's IP. The nginx here is mainly for proxy and SSL handler. - app-lb: Then comes to app-lb where I enabled sessionAffinity: ClientIP for sticky session and externalTrafficPolicy: Cluster for load balancing [1]. I believe this is where the actual load balancing by ClientIP happen as this is the only service that has/know 2 pods behind it. I tested this configuration with ~50ish actual users running for ~6 hours but still redirected to one pod, while the other pod is idle with low cpu and memory usage compared to the first one. I'd like to ask with the setup, am I getting right with what I want to achieve? Is there a configuration I am missing? Any input will be highly appreciated. [1] https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip [2] http://nginx.org/en/docs/http/ngx_http_realip_module.html -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.