As wrote earlier, I have a Jira Data Center cluster running on Kubernetes. The cluster has three nodes, and traefik is the ingress controller.
Sometimes when I create a new issue or open a setting, I got the following errors:
The root cause of this is that the request goes to a Jira node with which my browser has an expired session. As by default the service does round robin, the three Jira nodes just take turn to serve the new requests.
The fix is to use sticky session instead of round robin, so the same node serves the subsequent requests from the same session. Here are the annotations I added to my Jira service to use sticky session.
annotations:
traefik.ingress.kubernetes.io/affinity: "true"
traefik.ingress.kubernetes.io/session-cookie-name: "sticky"The full Jira service config file:
Check the session cookies, now I can see it is sticky to one of the Jira node now ( 10.32.0.6)
Run a quick curl test to double check:
$ curl -c cookie-jar -I -s http://jira-sandbox.mydomain.com:32631/status
HTTP/1.1 200 OK
Content-Length: 19
Content-Security-Policy: frame-ancestors 'self'
Content-Type: application/json;charset=UTF-8
Date: Wed, 06 Nov 2019 00:33:48 GMT
Set-Cookie: sticky=http://10.32.0.8:8080; Path=/
Set-Cookie: atlassian.xsrf.token=BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_lout; Path=/
Set-Cookie: JSESSIONID=BCC4EE1C6034A4C5D82A72E003EF52C3; Path=/; HttpOnly
X-Anodeid: jira-3
X-Arequestid: 33x14439x1
X-Asen: SEN-L14457132
X-Asessionid: 1m9h2ki
X-Ausername: anonymous
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
$ for i in $(seq 10); do echo "curl -b cookie-jar -I -s http://jira-sandbox.mydomain.com:32631/status | grep -i node" | bash - && grep -i token cookie-jar; done
X-Anodeid: jira-3
jira-sandbox.mydomain.com FALSE / FALSE 0 atlassian.xsrf.token BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_lout
X-Anodeid: jira-3
jira-sandbox.mydomain.com FALSE / FALSE 0 atlassian.xsrf.token BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_lout
X-Anodeid: jira-3
jira-sandbox.mydomain.com FALSE / FALSE 0 atlassian.xsrf.token BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_lout
X-Anodeid: jira-3
jira-sandbox.mydomain.com FALSE / FALSE 0 atlassian.xsrf.token BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_lout
X-Anodeid: jira-3
jira-sandbox.mydomain.com FALSE / FALSE 0 atlassian.xsrf.token BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_lout
X-Anodeid: jira-3
jira-sandbox.mydomain.com FALSE / FALSE 0 atlassian.xsrf.token BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_lout
X-Anodeid: jira-3
jira-sandbox.mydomain.com FALSE / FALSE 0 atlassian.xsrf.token BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_lout
X-Anodeid: jira-3
jira-sandbox.mydomain.com FALSE / FALSE 0 atlassian.xsrf.token BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_lout
X-Anodeid: jira-3
jira-sandbox.mydomain.com FALSE / FALSE 0 atlassian.xsrf.token BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_lout
X-Anodeid: jira-3
jira-sandbox.mydomain.com FALSE / FALSE 0 atlassian.xsrf.token BV44-TO2E-83JE-X3FL_80e09ce8c80aed4d65312980e779e88742cb2f5b_loutAnd it fixed the above error:
Reference:
https://docs.traefik.io/v1.7/configuration/backends/kubernetes/
Jackie Chen's IT Workshop 
Hello,
I made the same configurations as you and it is not working.
can you tell me what version of traefik you use?
Thanks