AWS NLB stickysession on EKS

Question

I`m trying to apply NLB sticky session on a EKS environment.

There are 2 worker nodes(EC2) connected to NLB target group, each node has 2 nginx pods.

I wanna connect to same pod on my local system for testing.

But it looks like connected different pod every trying using 'curl' command.

this is my test yaml file and test command.

apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: udptest
  labels:
     app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: container
        image: nginx 
        ports:
        - containerPort: 80
      nodeSelector:
        zone: a
---
apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: udptest2
  labels:
     app: nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: container
        image: nginx 
        ports:
        - containerPort: 80
      nodeSelector:
        zone: c
---
apiVersion: v1
kind: Service
metadata:
  name: nginx-nlb
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
spec:
  selector:
    app: nginx
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
  type: LoadBalancer

#!/bin/bash
number=0

while :
do
    if [ $number -gt 2 ]; then
        break
    fi
curl -L -k -s -o /dev/null -w "%{http_code}\n" <nlb dns name>
done

How can i connect to specific pod by NLB`s sticy session every attempt?

Answer 1

As much as i understand ClientIP value for sessionAffinity is not supported when the service type is LoadBalancer.

You can use the Nginx ingress controller and implement the affinity over there.

https://kubernetes.github.io/ingress-nginx/examples/affinity/cookie/

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: test-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/affinity: "cookie"
    nginx.ingress.kubernetes.io/session-cookie-name: "test-cookie"
    nginx.ingress.kubernetes.io/session-cookie-expires: "172800"
    nginx.ingress.kubernetes.io/session-cookie-max-age: "172800"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/affinity-mode: persistent
    nginx.ingress.kubernetes.io/session-cookie-hash: sha1
spec:
  rules:
  - host: example.com
    http:
      paths:
      - path: /
        backend:
          serviceName: service
          servicePort: port

Good article : https://zhimin-wen.medium.com/sticky-sessions-in-kubernetes-56eb0e8f257d

Answer 2

You need to enable it:

annotations:
  service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
  service.beta.kubernetes.io/aws-load-balancer-target-group-attributes: stickiness.enabled=true,stickiness.type=source_ip