VMware NSX Container Plugin 3.1

4.2 4.1 4.0 3.2 3.1 3.0
简体中文 Deutsch Español Français Italiano 日本語 한국어 繁體中文 English

Setting Persistence for Layer 4 and Layer 7 Load Balancer

You can specify a persistence setting with the parameters
l4_persistence
 and
l7_persistence
 in the NCP ConfigMap.
The available option for layer 4 persistence is source IP. The available options for layer 7 persistence are cookie and source IP. The default is
<None>
. For example, 
   # Choice of persistence type for ingress traffic through L7 Loadbalancer.
   # Accepted values:
   # 'cookie'
   # 'source_ip'
   l7_persistence = cookie

   # Choice of persistence type for ingress traffic through L4 Loadbalancer.
   # Accepted values:
   # 'source_ip'
   l4_persistence = source_ip
For layer-7 persistence, you can also specify the name of the cookie.
    # Specify a custom cookie name for NSX default LB when l7_persistence type
    # is set to cookie. It has no effect if l7_persistence is not set.
    #cookie_name = <None>
For a Kubernetes LoadBalancer service, you can also specify
sessionAffinity
 on the service spec to configure persistence behavior for the service if the global layer 4 persistence is turned off, that is,
l4_persistence
 is set to
<None>
. If
l4_persistence
 is set to
source_ip
, the
sessionAffinity
 on the service spec can be used to customize the persistence timeout for the service. The default layer 4 persistence timeout is 10800 seconds (same as that specified in the Kubernetes documentation for services (https://kubernetes.io/docs/concepts/services-networking/service). All services with default persistence timeout will share the same
NSX
 load balancer persistence profile. A dedicated profile will be created for each service with a non-default persistence timeout.
If the backend service of an Ingress is a service of type LoadBalancer, then the layer 4 virtual server for the service and the layer 7 virtual server for the Ingress cannot have different persistence settings, for example,
source_ip
 for layer 4 and
cookie
 for layer 7. In such a scenario, the persistence settings for both virtual servers must be the same (
source_ip
,
cookie
, or
None
), or one of them is
None
 (then the other setting can be
source_ip
 or
cookie
). An example of such a scenario: 
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: cafe-ingress
spec:
  rules:
  - host: cafe.example.com
    http:
      paths:
      - path: /tea
        backend:
          serviceName: tea-svc
          servicePort: 80
-----
apiVersion: v1
kind: Service
metadata:
  name: tea-svc <==== same as the Ingress backend above
  labels:
    app: tea
spec:
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
    name: tcp
  selector:
    app: tea
  type: LoadBalancer

Content feedback and comments