Configuring Sticky Sessions for Your Load Balancers

You can create a sticky session policy to bind the session of a user to a specific backend virtual machine (VM).

This policy can be based on a specific duration, or controlled by an application of the VM. For more information, see About Load Balancers > Sticky Sessions.

After creating the policy, you must enable it for it to apply.

Create or Enable the Sticky Session Policy Using OSC CLI

Before you begin: Ensure your load balancer has a listener for the HTTP or HTTPS protocols, as sticky sessions can be configured for these protocols only. For more information, see Adding or Deleting Listeners.

Create the Sticky Session Policy

The CreateLoadBalancerPolicy command creates a stickiness policy with sticky session lifetimes defined by the browser lifetime.
The created policy can be used with HTTP or HTTPS listeners only.
If this policy is implemented by a load balancer, this load balancer uses this cookie in all incoming requests to direct them to the specified backend server virtual machine (VM). If this cookie is not present, the load balancer sends the request to any other server according to its load-balancing algorithm.

You can also create a stickiness policy with sticky session lifetimes following the lifetime of an application-generated cookie.
Unlike the other type of stickiness policy, the lifetime of the special Load Balancer Unit (LBU) cookie follows the lifetime of the application-generated cookie specified in the policy configuration. The load balancer inserts a new stickiness cookie only when the application response includes a new application cookie.
The session stops being sticky if the application cookie is removed or expires, until a new application cookie is issued.

For more information, see About Load Balancers.

Request sample: Creating a load balancer policy based on browser

$ osc-cli api CreateLoadBalancerPolicy --profile "default" \
    --LoadBalancerName "example-lbu" \
    --PolicyName "example-browser-policy" \
    --PolicyType "load_balancer"

Request sample: Creating a load balancer policy based on application cookie

$ osc-cli api CreateLoadBalancerPolicy --profile "default" \
    --LoadBalancerName "example-lbu" \
    --PolicyName "example-app-policy" \
    --PolicyType "app" \
    --CookieName "example-cookie"

This command contains the following attributes that you need to specify:

CookieExpirationPeriod: (optional) The lifetime of the cookie, in seconds. If not specified, the default value of this parameter is 1, which means that the sticky session lasts for the duration of the browser session.
CookieName: (optional) The name of the application cookie used for stickiness. This parameter is required if you create a stickiness policy based on an application-generated cookie.
DryRun: (optional) If true, checks whether you have the required permissions to perform the action.
LoadBalancerName: The name of the load balancer for which you want to create a policy.
PolicyName: The unique name of the policy, with a maximum length of 32 alphanumeric characters and dashes (-).
PolicyType: The type of stickiness policy you want to create: app or load_balancer.

The CreateLoadBalancerPolicy command returns the following elements:

LoadBalancer: Information about the load balancer.
- AccessLog: Information about access logs.
  - IsEnabled: If true, access logs are enabled for your load balancer. If false, they are not. If you set this to true in your request, the OsuBucketName parameter is required.
  - OsuBucketName: The name of the OOS bucket for the access logs.
  - OsuBucketPrefix: The path to the folder of the access logs in your OOS bucket (by default, the root level of your bucket).
  - PublicationInterval: The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either 5 or 60 (by default, 60).
- ApplicationStickyCookiePolicies: The stickiness policies defined for the load balancer.
  - CookieName: The name of the application cookie used for stickiness.
  - PolicyName: The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.
- BackendIps: One or more public IPs of backend VMs.
- BackendVmIds: One or more IDs of backend VMs for the load balancer.
- DnsName: The DNS name of the load balancer.
- HealthCheck: Information about the health check configuration.
  - CheckInterval: The number of seconds between two requests (between 5 and 600 both included).
  - HealthyThreshold: The number of consecutive successful requests before considering the VM as healthy (between 2 and 10 both included).
  - Path: If you use the HTTP or HTTPS protocols, the request URL path.
  - Port: The port number (between 1 and 65535, both included).
  - Protocol: The protocol for the URL of the VM (HTTP | HTTPS | TCP | SSL).
  - Timeout: The maximum waiting time for a response before considering the VM as unhealthy, in seconds (between 2 and 60 both included).
  - UnhealthyThreshold: The number of consecutive failed requests before considering the VM as unhealthy (between 2 and 10 both included).
- Listeners: The listeners for the load balancer.
  - BackendPort: The port on which the backend VM is listening (between 1 and 65535, both included).
  - BackendProtocol: The protocol for routing traffic to backend VMs (HTTP | HTTPS | TCP | SSL).
  - LoadBalancerPort: The port on which the load balancer is listening (between 1 and 65535, both included).
  - LoadBalancerProtocol: The routing protocol (HTTP | HTTPS | TCP | SSL).
  - PolicyNames: The names of the policies. If there are no policies enabled, the list is empty.
  - ServerCertificateId: The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs).
- LoadBalancerName: The name of the load balancer.
- LoadBalancerStickyCookiePolicies: The policies defined for the load balancer.
  - CookieExpirationPeriod: The time period, in seconds, after which the cookie should be considered stale.
    If 1, the stickiness session lasts for the duration of the browser session.
  - PolicyName: The name of the stickiness policy.
- LoadBalancerType: The type of load balancer. Valid only for load balancers in a Net.
  If LoadBalancerType is internet-facing, the load balancer has a public DNS name that resolves to a public IP.
  If LoadBalancerType is internal, the load balancer has a public DNS name that resolves to a private IP.
- NetId: The ID of the Net for the load balancer.
- PublicIp: (internet-facing only) The public IP associated with the load balancer.
- SecuredCookies: Whether secure cookies are enabled for the load balancer.
- SecurityGroups: One or more IDs of security groups for the load balancers. Valid only for load balancers in a Net.
- SourceSecurityGroup: Information about the source security group of the load balancer, which you can use as part of your inbound rules for your registered VMs.
  To only allow traffic from load balancers, add a security group rule that specifies this source security group as the inbound source.
  - SecurityGroupAccountId: The account ID of the owner of the security group.
  - SecurityGroupName: The name of the security group.
- Subnets: The ID of the Subnet in which the load balancer was created.
- SubregionNames: The ID of the Subregion in which the load balancer was created.
- Tags: One or more tags associated with the load balancer.
  - Key: The key of the tag, with a minimum of 1 character.
  - Value: The value of the tag, between 0 and 255 characters.
ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample: Creating a load balancer policy based on browser

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "default",
      "SecurityGroupAccountId": "123456789012"
    },
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "example-lbu-123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [
      {
        "PolicyName": "example-browser-policy",
        "CookieExpirationPeriod": 1
      }
    ],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 80,
        "LoadBalancerProtocol": "HTTP"
      }
    ],
    "LoadBalancerName": "example-lbu"
  }
}

Result sample: Creating a load balancer policy based on application cookie

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "default",
      "SecurityGroupAccountId": "123456789012"
    },
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [
      {
        "PolicyName": "example-app-policy",
        "CookieName": "example-cookie"
      }
    ],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "example-lbu-123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 80,
        "LoadBalancerProtocol": "HTTP"
      }
    ],
    "LoadBalancerName": "example-lbu"
  }
}

Enable the Sticky Session Policy

To enable the sticky session policy, use the SetLoadBalancerPoliciesOfListener command following this syntax:

Request sample

$ osc-cli lbu SetLoadBalancerPoliciesOfListener --profile "default" \
  --LoadBalancerName "example-lbu" \
  --LoadBalancerPort 0 \
  --PolicyNames.member.0 "example-policy"

This command contains the following options that you need to specify:

LoadBalancerName : The name of the load balancer.
LoadBalancerPort : The external port of the load balancer.

PolicyNames.member.0 : The name of the policy you want to enable for the listener.

Only one policy can be active at a time. If there is already a policy enabled for the listener, the new one you specify replaces it.
To disable an enabled policy, specify [] for this parameter.

The sticky session policy is enabled for the specified load balancer.

Create or Enable the Sticky Session Policy Using oapi-cli

Create the Sticky Session Policy

For more information, see About Load Balancers.

Request sample: Creating a load balancer policy based on browser

$ oapi-cli --profile "default" CreateLoadBalancerPolicy \
    --LoadBalancerName "example-lbu" \
    --PolicyName "example-browser-policy" \
    --PolicyType "load_balancer"

Request sample: Creating a load balancer policy based on application cookie

$ oapi-cli --profile "default" CreateLoadBalancerPolicy \
    --LoadBalancerName "example-lbu" \
    --PolicyName "example-app-policy" \
    --PolicyType "app" \
    --CookieName "example-cookie"

This command contains the following attributes that you need to specify:

CookieExpirationPeriod: (optional) The lifetime of the cookie, in seconds. If not specified, the default value of this parameter is 1, which means that the sticky session lasts for the duration of the browser session.
CookieName: (optional) The name of the application cookie used for stickiness. This parameter is required if you create a stickiness policy based on an application-generated cookie.
DryRun: (optional) If true, checks whether you have the required permissions to perform the action.
LoadBalancerName: The name of the load balancer for which you want to create a policy.
PolicyName: The unique name of the policy, with a maximum length of 32 alphanumeric characters and dashes (-).
PolicyType: The type of stickiness policy you want to create: app or load_balancer.

The CreateLoadBalancerPolicy command returns the following elements:

LoadBalancer: Information about the load balancer.
- AccessLog: Information about access logs.
  - IsEnabled: If true, access logs are enabled for your load balancer. If false, they are not. If you set this to true in your request, the OsuBucketName parameter is required.
  - OsuBucketName: The name of the OOS bucket for the access logs.
  - OsuBucketPrefix: The path to the folder of the access logs in your OOS bucket (by default, the root level of your bucket).
  - PublicationInterval: The time interval for the publication of access logs in the OOS bucket, in minutes. This value can be either 5 or 60 (by default, 60).
- ApplicationStickyCookiePolicies: The stickiness policies defined for the load balancer.
  - CookieName: The name of the application cookie used for stickiness.
  - PolicyName: The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.
- BackendIps: One or more public IPs of backend VMs.
- BackendVmIds: One or more IDs of backend VMs for the load balancer.
- DnsName: The DNS name of the load balancer.
- HealthCheck: Information about the health check configuration.
  - CheckInterval: The number of seconds between two requests (between 5 and 600 both included).
  - HealthyThreshold: The number of consecutive successful requests before considering the VM as healthy (between 2 and 10 both included).
  - Path: If you use the HTTP or HTTPS protocols, the request URL path.
  - Port: The port number (between 1 and 65535, both included).
  - Protocol: The protocol for the URL of the VM (HTTP | HTTPS | TCP | SSL).
  - Timeout: The maximum waiting time for a response before considering the VM as unhealthy, in seconds (between 2 and 60 both included).
  - UnhealthyThreshold: The number of consecutive failed requests before considering the VM as unhealthy (between 2 and 10 both included).
- Listeners: The listeners for the load balancer.
  - BackendPort: The port on which the backend VM is listening (between 1 and 65535, both included).
  - BackendProtocol: The protocol for routing traffic to backend VMs (HTTP | HTTPS | TCP | SSL).
  - LoadBalancerPort: The port on which the load balancer is listening (between 1 and 65535, both included).
  - LoadBalancerProtocol: The routing protocol (HTTP | HTTPS | TCP | SSL).
  - PolicyNames: The names of the policies. If there are no policies enabled, the list is empty.
  - ServerCertificateId: The OUTSCALE Resource Name (ORN) of the server certificate. For more information, see Resource Identifiers > OUTSCALE Resource Names (ORNs).
- LoadBalancerName: The name of the load balancer.
- LoadBalancerStickyCookiePolicies: The policies defined for the load balancer.
  - CookieExpirationPeriod: The time period, in seconds, after which the cookie should be considered stale.
    If 1, the stickiness session lasts for the duration of the browser session.
  - PolicyName: The name of the stickiness policy.
- LoadBalancerType: The type of load balancer. Valid only for load balancers in a Net.
  If LoadBalancerType is internet-facing, the load balancer has a public DNS name that resolves to a public IP.
  If LoadBalancerType is internal, the load balancer has a public DNS name that resolves to a private IP.
- NetId: The ID of the Net for the load balancer.
- PublicIp: (internet-facing only) The public IP associated with the load balancer.
- SecuredCookies: Whether secure cookies are enabled for the load balancer.
- SecurityGroups: One or more IDs of security groups for the load balancers. Valid only for load balancers in a Net.
- SourceSecurityGroup: Information about the source security group of the load balancer, which you can use as part of your inbound rules for your registered VMs.
  To only allow traffic from load balancers, add a security group rule that specifies this source security group as the inbound source.
  - SecurityGroupAccountId: The account ID of the owner of the security group.
  - SecurityGroupName: The name of the security group.
- Subnets: The ID of the Subnet in which the load balancer was created.
- SubregionNames: The ID of the Subregion in which the load balancer was created.
- Tags: One or more tags associated with the load balancer.
  - Key: The key of the tag, with a minimum of 1 character.
  - Value: The value of the tag, between 0 and 255 characters.
ResponseContext: Information about the context of the response.
- RequestId: The ID of the request.

Result sample: Creating a load balancer policy based on browser

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "default",
      "SecurityGroupAccountId": "123456789012"
    },
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "example-lbu-123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [
      {
        "PolicyName": "example-browser-policy",
        "CookieExpirationPeriod": 1
      }
    ],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 80,
        "LoadBalancerProtocol": "HTTP"
      }
    ],
    "LoadBalancerName": "example-lbu"
  }
}

Result sample: Creating a load balancer policy based on application cookie

{
  "ResponseContext": {
    "RequestId": "0475ca1e-d0c5-441d-712a-da55a4175157"
  },
  "LoadBalancer": {
    "Tags": [],
    "SourceSecurityGroup": {
      "SecurityGroupName": "default",
      "SecurityGroupAccountId": "123456789012"
    },
    "Subnets": [
      "subnet-12345678"
    ],
    "NetId": "vpc-12345678",
    "BackendVmIds": [],
    "ApplicationStickyCookiePolicies": [
      {
        "PolicyName": "example-app-policy",
        "CookieName": "example-cookie"
      }
    ],
    "SecurityGroups": [
      "sg-12345678"
    ],
    "LoadBalancerType": "internet-facing",
    "AccessLog": {
      "PublicationInterval": 60,
      "IsEnabled": false
    },
    "DnsName": "example-lbu-123456789.eu-west-2.lbu.outscale.com",
    "HealthCheck": {
      "UnhealthyThreshold": 2,
      "Timeout": 5,
      "CheckInterval": 30,
      "Protocol": "TCP",
      "HealthyThreshold": 10,
      "Port": 80
    },
    "LoadBalancerStickyCookiePolicies": [],
    "SubregionNames": [
      "eu-west-2a"
    ],
    "Listeners": [
      {
        "BackendPort": 80,
        "BackendProtocol": "HTTP",
        "LoadBalancerPort": 80,
        "LoadBalancerProtocol": "HTTP"
      }
    ],
    "LoadBalancerName": "example-lbu"
  }
}

Enable the Sticky Session Policy

To enable the sticky session policy, use the SetLoadBalancerPoliciesOfListener command following this syntax:

Request sample

$ osc-cli lbu SetLoadBalancerPoliciesOfListener --profile "default" \
  --LoadBalancerName "example-lbu" \
  --LoadBalancerPort 0 \
  --PolicyNames.member.0 "example-policy"

This command contains the following options that you need to specify:

LoadBalancerName : The name of the load balancer.
LoadBalancerPort : The external port of the load balancer.

PolicyNames.member.0 : The name of the policy you want to enable for the listener.

Only one policy can be active at a time. If there is already a policy enabled for the listener, the new one you specify replaces it.
To disable an enabled policy, specify [] for this parameter.

The sticky session policy is enabled for the specified load balancer.

Create or Enable the Sticky Session Policy Using AWS CLI

Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI.

Create the Sticky Session Policy

Duration-Based Sticky Sessions

To create a duration-based sticky session policy, use the create-lb-cookie-stickiness-policy command following this syntax:

Request sample

$ aws elb create-lb-cookie-stickiness-policy \
    --profile YOUR_PROFILE \
    --load-balancer-name LOAD_BALANCER_NAME \
    --policy-name POLICY_NAME \
    --cookie-expiration-period 3600 \
    --endpoint https://lbu.eu-west-2.outscale.com

This command contains the following options that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
load-balancer-name: The name of the load balancer for which you want to configure the policy.
policy-name: A name for the policy.

This name must consist of alphanumerical characters and dashes (-).
(optional) cookie-expiration-period: The duration of the sticky session, in seconds.

This duration must be greater than 0. By default, the value is 1, which means that the sticky session lasts for the duration of the browser session.
endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The duration-based sticky session policy is created for the specified load balancer.

Application-Controlled Sticky Sessions

To create an application-controlled sticky session policy, use the create-app-cookie-stickiness-policy command following this syntax:

Request sample

$ aws elb create-app-cookie-stickiness-policy \
    --profile YOUR_PROFILE \
    --load-balancer-name LOAD_BALANCER_NAME \
    --policy-name POLICY_NAME \
    --cookie-name COOKIE_NAME \
    --endpoint https://lbu.eu-west-2.outscale.com

This command contains the following options that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
load-balancer-name: The name of the load balancer for which you want to configure the policy.
policy-name: A name for the policy.

This name must consist of alphanumerical characters and dashes (-).
cookie-name: The name of the application cookie used for stickiness.
endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The application-controlled sticky session policy is created for the specified load balancer.

Enable the Sticky Session Policy

To enable the sticky session policy, use the set-load-balancer-policies-of-listener command following this syntax:

Request sample

$ aws elb set-load-balancer-policies-of-listener \
    --profile YOUR_PROFILE \
    --load-balancer-name LOAD_BALANCER_NAME \
    --load-balancer-port 80 \
    --policy-names POLICY_NAME \
    --endpoint https://lbu.eu-west-2.outscale.com

This command contains the following options that you need to specify:

(optional) profile: The named profile you want to use, created when configuring AWS CLI. For more information, see Installing and Configuring AWS CLI.
load-balancer-name: The name of the load balancer for which you want to enable the policy.
load-balancer-port: The external port of the load balancer (between 1 and 65535, both included).

policy-names: The name of the policy you want to enable for the listener.

Only one policy can be active at a time. If there is already a policy enabled for the listener, the new one you specify replaces it.
To disable an enabled policy, specify [] for this parameter.

endpoint: The endpoint corresponding to the Region you want to send the request to. For more information, see Installing and Configuring AWS CLI.

The sticky session policy is enabled for the specified load balancer.

Related Pages

Corresponding API Methods

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.