We have HAProxy infront of a pair of API servers. Currently using appsession because a lot of API clients won't be maintaining a cookie - that's a burden we don't want to pass on to our users.
The problem we're facing is that once a client logs in, they have to stay on that particular API server, due to connections the API servers make to other services on behalf of the client. Unfortunately, there is no session identifier until after the first login request is made, so the next request made with the session identifier usually roundrobins to the opposite server and remains sticky there.
Here is our backend config:
backend api
mode http
option httplog
option httpclose
option httpchk HEAD /index.html
cookie apibalance insert indirect nocache
appsession sessionId len 36 timeout 360s request-learn mode query-string
server api01 api01.hostname:8080 cookie api1 check weight 30 inter 10000 downinter 20000
server api02 api01.hostname:8080 cookie api2 check weight 30 inter 10000 downinter 20000
The cookie apibalance is left over from how we were doing things, but I figure we can probably remove it now.
Is there a way to tell HAProxy, probably via the response, that future requests made with sessionId within the query-string should stick to the current server? Session Id is generated server side (the API server), and returned within a JSON response. Successive requests will be sent with the session id within the query string.
The answer, for me at least, was to do IP based stickiness.
And remove the cookie and appsession based configuration.