微信公众号搜"智元新知"关注
微信扫一扫可直接关注哦!

Nginx Ingress session-cookie-expires 在 kubernetes 中不起作用

如何解决Nginx Ingress session-cookie-expires 在 kubernetes 中不起作用

在 Azure 和 kubernetes 上部署的应用程序版本为 1.19.6,nginx-ingress-controller 版本为 0.27.1

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
Metadata:
namespace: qas
name: ingress
annotations:
 kubernetes.io/ingress.class: "Nginx"
 kubernetes.io/ingress.allow-http: "false"

 Nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
 Nginx.ingress.kubernetes.io/http2-push-preload: "true"
 Nginx.ingress.kubernetes.io/affinity: "cookie" 
 Nginx.ingress.kubernetes.io/affinity-mode: "persistent"
 Nginx.ingress.kubernetes.io/upstream-fail-timeout: "300"
 Nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
 Nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
 # Legacy: for compatibilty with older browsers: https://kubernetes.github.io/ingress-Nginx/examples/affinity/cookie/
 Nginx.ingress.kubernetes.io/session-cookie-name: "INGRESSCOOKIE"
 Nginx.ingress.kubernetes.io/session-cookie-expires: "3600"
 Nginx.ingress.kubernetes.io/session-cookie-max-age: "3600"

 #-----project specific-----#
 Nginx.ingress.kubernetes.io/app-root: "/welcome"
 
 #----No ip whitelist for storefront,we fully depend on NSG rules in both D/Q/P-----#
 Nginx.ingress.kubernetes.io/server-snippet:  |
    # maintanance page
    #rewrite ^(.*)$ https://www.maintenance.bosch.com/ redirect;

    ####################################
    #  NOTE for storefront we strictly don't allow access to admin urls
    #################################
    if ( $uri ~* "^/(smartedit|backoffice|hac|hmc|mcc|cmssmart*|maintenance|boschfoundationemployee|embeddedserver|groovynature|acceleratorservices|authorizationserver|permission*|previewwebservices|tomcatembeddedserver|.*cockpit)" ) {
         return 403;
    }                
    
 Nginx.ingress.kubernetes.io/configuration-snippet:  |
    server_name_in_redirect on;
    chunked_transfer_encoding off;
    proxy_ignore_client_abort on;
    gzip on;
    gzip_vary on;
    gzip_min_length 1;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/javascript application/json application/xml image/png image/svg+xml;
    gzip_disable "MSIE [1-6]\.";
    set $redirection_target "/";
    
    #------project specific-----#
    # Todo: Change to quality.aacentral.bosch.tech once migration is completed
    set $best_http_host rb-q-aa-central.westeurope.cloudapp.azure.com;

    # only if we did not redirect apply headers for caching
    if ($uri ~* \.(js|css|gif|jpe?g|png|woff2)) {
       # for older browsers
       expires 5h;
       add_header Cache-Control "private,max-age=1800,stale-while-revalidate";
    }

spec:
  tls:
      - hosts:
        - domain.com
        secretName: waf
  rules:
      - host: domain.com
        http:
         paths:
          - backend:
             serviceName: svc
             servicePort: 443
            path: /    

Ingress 工作正常,但注释

 Nginx.ingress.kubernetes.io/session-cookie-name: "INGRESSCOOKIE"
 Nginx.ingress.kubernetes.io/session-cookie-expires: "3600"
 Nginx.ingress.kubernetes.io/session-cookie-max-age: "3600"

不管我怎么改超时值,300s还是一样 而且我在部署nginx-ingress-controller后在Nginx.conf中找不到session-affinity配置,而且Nginx官方文档也没有章节描述这个注解是如何工作的。

希望有人可以提供任何材料来了解它是如何工作的以及为什么超时不起作用。

谢谢

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。