Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Many sessions being created without a user on the website sitting behind Kubernetes #820

Open
Daxcor69 opened this issue Mar 19, 2021 · 2 comments
Open

Many sessions being created without a user on the website sitting behind Kubernetes #820

Daxcor69 opened this issue Mar 19, 2021 · 2 comments
Labels
question

Comments

@Daxcor69
Copy link

Ok, I know there are a lot of settings that can affect things. I will explain the situation first, then wait for what information I should provide.

Here is my dep list for version info:

    "@kubernetes/client-node": "^0.13.2",
    "aws-sdk": "^2.863.0",
    "axios": "^0.21.1",
    "bcryptjs": "^2.4.3",
    "connect-mongo": "^3.2.0",
    "csurf": "^1.11.0",
    "dayjs": "^1.10.4",
    "do-wrapper": "^4.4.1",
    "ejs": "^3.1.6",
    "express": "^4.17.1",
    "express-ejs-layouts": "^2.5.0",
    "express-sanitize-middleware": "^1.0.3",
    "express-session": "^1.17.1",
    "helmet": "^4.4.1",
    "md5": "^2.3.0",
    "method-override": "^3.0.0",
    "mongoose": "^5.12.0",
    "mongoose-timezone": "^1.3.0",
    "ping": "^0.4.0",
    "sanitize-filename": "^1.6.3",
    "stripe": "^8.138.0",
    "truncate-utf8-bytes": "^1.0.2"
  }

My nodejs 14+ app is sitting behind a kubernetes nginx-ingress controller. All cookies and site behavior is as expected, what I am seeing in the mongo db session store is new sessions being created about one a second on avg. The timing is not consistent. When I look in grafana to look at open connections, and connections/sec etc. They are zero. It LOOKs like there is no outside traffic coming in. Could the ngnix-ingress (with sticky option set) be causing this creation of sessions? Some sort of health check? I am happy to provide more configs just didn't want to overwhelm the initial question.
@adamkl
Copy link

adamkl commented Jun 4, 2021

Do you have a liveness probe running for your deployment? We had to make sure that our session middleware was excluded on the endpoint used for the K8S liveness probe (we create a simple keep-alive route), otherwise we would end up with the same as what you are describing; lots of empty session records in the database.

@gabeio
Copy link
Member

gabeio commented Jun 4, 2021

@adamkl is likely correct, if you have not set saveUninitialized to false, or otherwise avoided the liveness and readiness checks then kubernetes just checking to see if your node application is online is sending a request which sessions is by default creating an empty session for each of these requests.

@gabeio gabeio added the question label Jun 4, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@gabeio @adamkl @Daxcor69