Azure kubernetes - 具有会话管理的应用程序?
Azure kubernetes - Application with Session management?
我计划在 Azure kubernetes 上部署使用会话的 Asp.net 应用程序。如何确保传入请求进入创建会话的同一个 pod。
建议部署在 Kubernetes 上的应用设计遵循 The Twelve Factor App.
如果应用 无状态 并且 不与其他实例共享任何内容,一切都会变得更容易。参见 Twelve Factor App - Processes
Twelve-factor processes are stateless and share-nothing. Any data that needs to persist must be stored in a stateful backing service, typically a database.
Some web systems rely on “sticky sessions” – that is, caching user session data in memory of the app’s process and expecting future requests from the same visitor to be routed to the same process. Sticky sessions are a violation of twelve-factor and should never be used or relied upon. Session state data is a good candidate for a datastore that offers time-expiration, such as Memcached or Redis.
使用Redis是一种存储属于用户的临时数据的方法。
对于身份验证,我建议在 Authorization: Bearer <token> header 中使用带有 JWT 令牌的 OpenID Connect。参见例如Azure Active Directory B2C OpenID Connect 提供商示例。
我计划在 Azure kubernetes 上部署使用会话的 Asp.net 应用程序。如何确保传入请求进入创建会话的同一个 pod。
建议部署在 Kubernetes 上的应用设计遵循 The Twelve Factor App.
如果应用 无状态 并且 不与其他实例共享任何内容,一切都会变得更容易。参见 Twelve Factor App - Processes
Twelve-factor processes are stateless and share-nothing. Any data that needs to persist must be stored in a stateful backing service, typically a database.
Some web systems rely on “sticky sessions” – that is, caching user session data in memory of the app’s process and expecting future requests from the same visitor to be routed to the same process. Sticky sessions are a violation of twelve-factor and should never be used or relied upon. Session state data is a good candidate for a datastore that offers time-expiration, such as Memcached or Redis.
使用Redis是一种存储属于用户的临时数据的方法。
对于身份验证,我建议在 Authorization: Bearer <token> header 中使用带有 JWT 令牌的 OpenID Connect。参见例如Azure Active Directory B2C OpenID Connect 提供商示例。