In a single application to share data across pages, the commonly used method is to use HttpSession. Before the page is closed, the data of the entire session is shared in real time. The principle can be roughly referred to the following figure.
In distributed, each service Each has its own domain name, so each service has its own cookie scope, and the cookie only exists in its own scope, which means that the session cannot be shared across scopes ; even in the same service, if this service Deployed on multiple servers, there is a session stored on one server, but there is no such session on other servers. Of course, the session cannot be found when the load balance is forwarded to other servers, which means that multiple copies of the same service will not exist. Synchronization problems, of
course, have to be solved if there are problems, then let’s talk about how to solve these problems
session replication
For example, when we access the same service, when the load balances to a server generates a session, use the session replication method to synchronously copy the session of this server to other servers, so that this session can still be used when the load is balanced to other servers
Advantages:
web-server (tomcat) native support, only need to modify the configuration file.
Disadvantages
1. Session synchronization requires data transmission, which takes up a lot of network bandwidth and reduces the business processing capacity of the server cluster
2. Any web-server is saved The sum of the sessions of all web-servers cannot be expanded horizontally due to memory constraints. More web-servers cannot be expanded horizontally
. 3. In a large distributed cluster, all web-servers store full data. This solution is not advisable. Of course, if there are only a few services, it is still Can consider this plan
Client storage
The so-called client-side storage is to store the data returned by the service in the browser’s cookie. The browser brings the cookie when requesting the service. The service directly reads the cookie brought by the browser.
Advantages The
server does not need to save the session, the user saves his own session information in a cookie, save server resources
drawback
1. each http request, the user needs to carry the complete information in the cookie, wasting network bandwidth
2. session data exists cookie, but the cookie length of only 4K, can not save a lot of information
3 . The session is stored in the cookie, and there are security risks such as leakage, tampering, and theft.
hash consistency
Use load balancing to forward all the user's requests to the same server, such as identifying the user's ip address, user ID and other unique identification, using the load balancing mechanism to forward all his requests to the same server in a fixed manner. There is no need to worry about the non-existent session on the same server.
Advantages
1. Only need to modify the configuration of NGINX, no need to modify the application code
2. Load balancing, as long as the value of the hash attribute is evenly distributed, the load of the polymorphic web-server is the same Balanced
3. Can support the horizontal expansion of web-server
Disadvantages
1. The session still exists in the web-server. If the service restarts, it may cause session loss and affect the business
. 2. If the web-server expands horizontally, the session is redistributed after rehashing. Some users may not be able to route the correct session
Unified storage
The above method, because the load balancing mechanism will jump to different services, and the session is each service stores its own memory space, so when jumping to a different service, the session of the previous service does not exist in the current service. Therefore, the session can be stored in a unified manner, no matter which service it is, it does not need to store the session in its own memory, but the session is stored in the database, such as Redis or middleware.
Advantages
1. No security risks
2. Can be expanded horizontally, database/ Cache level segmentation is enough
3. Web-server restart or expansion will not cause session loss
Disadvantages
1. Add a network call, and need to modify the application code
