I am configuring a test AWS architecture for a web application that I plan to migrate from a dedicated hosting service to AWS. What I have now is as follows :
- One MySql RDS, where my application data is.
- Two EC2 instances. This instances have the application source code (Written in PHP) and already configured to connect to the RDS.
- One load balancer. I have set it up to autoscale between 2 and 10 instances, according to the processor usage, but I most likely adjust the policies once the application go live.
The new EC2 instances will already be launched with the code and RDS connection parameters ready via a custom image, and I am working in the Sao Paulo region.
Everything works fine except for one thing. If I access the website via the ELB DNS record, I see the site there but I cannot log in. Nothing happens when I put the user credentials. (The site is basically an admin panel so I have to log in to see their contents), but if I access through an individual instance IP or DNS record, I can log in and use the application normally. The user data (user and password) is stored in the RDS.
If anybody has experienced anything similar, I really appreciate your help. Thank you in advance!
Best Answer
The usual way of maintaining a session is:
The session cookie would normally be stored and retrieved from a location that is independent of the web servers, for example a separate database server. That way it doesn't matter which web server they hit, they will get the same cookie and the same session.
The session cookie needs to be secure and unique to the client, so some apps will create a hash that includes the client IP in the calculation. If this is the case then a different IP looks like a different session.
You'll need to check your app to see if this is the case.
Alternatively, if you actually need to tie the session to a particular server (e.g. the app stores state locally on the web server) you can use ELB Sticky Sessions to tie a session to a particular web server. This should only be required if your app actually stores state locally on each web server.