Kubernetes Load Balancing With Authentication

How do you architecture a Kubernetes application so that a logged-in user is always served back session information stored inside the correct Redis replica?

I've got a working Apollo/GraphQL application written in Typescript which logs users in and stores their session information in Redis. I'm not sure how to architect the application for production, when I'll have multiple Redis instances running, via Kubernetes. The Kubernetes configuration files that I've currently written (for Redis and the application) are here.

Presumably I'll need to have some sort of Load Balancer service sitting in front of my application in order to distribute traffic. But here's where I'm a little confused––

When a user makes a request to my application (via a kubernetes loadbalancer service, for instance) how do I ensure that my application checks the "right" Redis replica? It's my understanding that would be necessary to ensure that their credential information is retrieved, for instance to check their logged-in status. If my application is checking a different Redis replica every time for the user's details (via a cookie/session) then I'm not sure how the logged-in functionality would work ... unless I'm mistaken and somehow Kubernetes knows how to search across all the replicas?

Here's how my current application connects to Redis (this works after starting up Redis and exposing it via a ClusterIP) if that's relevant:

import Redis from "ioredis";  import session from "express-session";  import connectRedis from "connect-redis";    // Running Redis with docker-compose  let tries = 5;  const connectionOpts: Redis.RedisOptions = {    host: process.env.REDIS_HOST,    port: parseInt(process.env.REDIS_PORT as string) || 6379,    retryStrategy: (time) => {      if (tries === 0) {        throw new Error("Could not connect to Redis.");      } else {        setTimeout(() => {          tries--;        }, time);        return 2000;      }    },  };    // Connect to Redis  export const redis = new Redis(connectionOpts);    // Configure Redis to store session information  const RedisStore = connectRedis(session);    // Initialize session parameters and cookie name, etc.  export const mySession = session({    store: new RedisStore({      client: redis,    }),    name: "qid",    secret: process.env.SECRET || "wiuy10b1la",    resave: false,    saveUninitialized: false,    cookie: {      httpOnly: true,      secure: process.env.ENV === "production",      maxAge: 1000 * 60 * 60 * 24 * 7 * 365,    },  });  

https://stackoverflow.com/questions/66540660/kubernetes-load-balancing-with-authentication March 09, 2021 at 12:05PM