Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Using Sticky route for session affinity in nginx proxing requests to Jira, does not work.

Dilip Kumar Mavireddi
Dilip Kumar Mavireddi
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 27, 2017

 

Background :

We have nginx setup to loadbalance requests to Jira and we had a successful implementation using Sticky learn. However considering the sticky route method as mentioned in Atlassian documentation we were unable to achieve success.

Problem :

When Sticky route is being used we are being redirected to the login page every time we try to login.

Details :

Nginx conf :

 

map $cookie_jsessionid $route_cookie {
~.+\.(?P<route>\w+)$ $route;}

map $request_uri $route_uri {
~jsessionid=.+\.(?P<route>\w+)$ $route;}

 upstream jiracluster {

zone jiracluster 64k;
server hostname1:port route=node1;
server hostname2:port route=node2;
#sticky learn create=$upstream_cookie_JSESSIONID
# lookup=$cookie_JSESSIONID
# zone=client_sessions1:1m
# timeout=1h;
sticky route $route_cookie $route_uri;

Please note: the commented Sticky learn method works perfectly! We are trying to study the behavior of Sticky route.

Does atlassian recommend only Sticky Route ? or is Sticky learn also fine to use as it supports session affinity.

 

Please let me know if any further information will be helpful to better understanding the issue. 

 

 

 

Answer
Watch
Like Be the first to like this
6152 views

1 answer

0 votes
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 28, 2017

In regards to using Jira data center, you need to use a load balancer that supports sticky sessions.  If you don't then the browser requests to that load balancer could be randomly routed to different nodes for each request, which in turn could cause all sorts of unexpected behavior with Jira.

To avoid this potentially negative experience for the end user, the Data center documentation does explicitly state that your load balancer needs to support sticky sessions.  That way when a user logs in, they are typically bound to the node they are first routed to until either they log out, timeout their login, or that node actually goes down.

I am interested to see your complete nginx config.  It looks like you might have only posted a portion of this.   I would expect your config to look more like the example posted in  How to set up NGINX Plus as the load balancer for a JIRA Data Center cluster

View More Comments
Dilip Kumar Mavireddi
Dilip Kumar Mavireddi
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 23, 2017

Hi Andrew,

Sorry for the delay.

This is what is working for us at the moment. When we tried to replace sticky learn with sticky route..  we get simply re-directed back to login page again.

So to switch between Sticky route and Sticky learn we simply replace it with the contents between the related lines.

Please advise if I am missing something on the Sticky Route as shown below that is kicking me out.

=========STICKY ROUTE================

map $cookie_jsessionid $route_cookie {
~.+\.(?P<route>\w+)$ $route;}

map $request_uri $route_uri {
~jsessionid=.+\.(?P<route>\w+)$ $route;}

 upstream jiracluster {

zone jiracluster 64k;
server hostname1:port route=node1;
server hostname2:port route=node2;
#sticky learn create=$upstream_cookie_JSESSIONID
# lookup=$cookie_JSESSIONID
# zone=client_sessions1:1m
# timeout=1h;
sticky route $route_cookie $route_uri;

===========STICKY ROUTE================

 

 

 

Full Config :

---------------------------------------------------------------------

 

user  nginx;
worker_processes  auto;

error_log  /../error.log notice;
pid        /../nginx.pid;


events {
    worker_connections  1024;
}
#####

http {
    include       /../mime.types;
    default_type  application/octet-stream;
    proxy_read_timeout 3600s;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    log_format timings '"$time_local" client=$remote_addr '
                     'method=$request_method request="$request" '
                     'request_length=$request_length '
                     'status=$status bytes_sent=$bytes_sent '
                     'body_bytes_sent=$body_bytes_sent '
                     'referer=$http_referer '
                     'user_agent="$http_user_agent" '
                     'upstream_addr=$upstream_addr '
                     'upstream_status=$upstream_status '
                     'request_time=$request_time '
                     'upstream_response_time=$upstream_response_time '
                     'upstream_connect_time=$upstream_connect_time '
                     'upstream_header_time=$upstream_header_time'
                     'pipelined=$pipe';


    access_log  /../access.log  timings;

    sendfile        on;
    tcp_nopush     on;

    #keepalive_timeout  65;

    gzip  on;

    include /../*.conf;

=============STICKY LEARN================
    upstream jirac {
       zone jirac 64k;
       server node1:p22 route=jira-01;
       server node2:p22 route=jira-02;
       sticky learn create=$upstream_cookie_JSESSIONID
                 lookup=$cookie_JSESSIONID
                 zone=client_sessions:1m
                 timeout=1h;
    }

==========STICKY LEARN====================

    server {
      listen               p33 ssl;
      root /usr/share/nginx/html;
      server_name          jira...com;
      client_max_body_size 250M;
      ssl                  on;
      ssl_certificate      /...crt;
      ssl_certificate_key  /..key;

 ssl_ciphers 'ECD......;
      ssl_prefer_server_ciphers on;
      location / {
                health_check mandatory ;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_pass https://jirac;


    }

}

-----------------------------------------------------------------------

Like
Ivan Tapia
Ivan Tapia
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
December 26, 2019

@Dilip Kumar Mavireddi ,

 

I have try the suggested configuration from Atlassian described in https://confluence.atlassian.com/jirakb/how-to-set-up-nginx-plus-as-the-load-balancer-for-a-jira-data-center-cluster-640516559.html  having the same result than you, after read multiple times NGiNX documentation https://docs.nginx.com/nginx/deployment-guides/load-balance-third-party/apache-tomcat/ I found that I was missing add jvmRoute as part of the Engine section along with the appropriate connector configuration on server.xml file. I hope this also work for you if you still interested in try route method.

 

--- Next sections has been taken from NGiNX documentation as an example ----

2. Add the following lines to the configuration files for your backend Tomcat servers to append an identifier based on the jvmRoute attribute (here, set to either a or b) to the end of the JSESSIONID cookie value:

# On host 10.100.100.11
<Engine name="Catalina" defaultHoast="www.example.com" jvmRoute="a">
# On host 10.100.100.12
<Engine name="Catalina" defaultHoast="www.example.com" jvmRoute="b">
Like # people like this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.