3

We are investigating if it is possible to use HAProxy to load balance across multiple tomcat servers. We would like to use HTTPs for all requests and use sessions via the JSESSIONID cookie. HAProxy doesn't support SSL natively but we can use stunnel in front of it.

With this setup in mind:

1) Do we have to use sticky sessions (subsequent request always go to the same tomcat instance) ?

2) If we do have to use sticky sessions then how could we solve updating our tomcat instance with a new webapp deployment without having to force the users to log out (losing their sessions) ?

Benjamin
  • 539
  • 2
  • 6
  • 16

1 Answers1

4

You don't have to use sticky sessions, but if you don't use sticky sessions you will need to use a shared session solution, as described at http://tomcat.apache.org/tomcat-7.0-doc/config/manager.html (the JDBC session store will probably be the way to go). I'm betting you could find code to do the session store in Redis or Memcache, but I haven't looked extensively.

Once you do that it will also solve the issue with updating instances, although my experience hasn't been that web app updates automatically invalidate sessions (it seems only full restarts do that). I'll have to take a closer look at that, though.

Femi
  • 64,273
  • 8
  • 118
  • 148
  • That's correct. Your sessions should be available in a central location such as a network accessible key/value store. As mentioned by **Femi**, you don't need to use sticky sessions. HAProxy has an option: **balance source** which will keep track of the user's source IP and handle forwarding requests to the same tomcat instance. –  May 27 '11 at 05:31