Level 88
This might be a good read for you: https://serversforhackers.com/c/so-you-got-yourself-a-loadbalancer
1 like
Feb 26, 2018
7
Level 1
Laravel under a load balancer + centralized redis session storage
Hi all
Sorry if this question has been posted already, I am new here.
So, I have 2 laravel nodes running in separate servers under a load balancer, and a dedicated redis server for session and cache storage.
I configured the session and cache drivers accordingly to "redis" and it connects just fine. I see files being stored inside the redis server.
The issue is when I try to login, the page just gets refreshed without printing the "Invalid credential" errors that are normally stored in session.
Since the load balancer keeps redirecting from one node to another, the session is somehow getting lost. As a single instance it works just fine though.
Is there anyone having the same issue with laravel and load balancing?
If there is a possible fix without configuring the balancer to use sticky sessions, that would be great!
Thanks in advance!
Level 1
@bobbybouwmann Thanks for your reply! I have read all of it, and I have the "Central Session Storage" problem where sessions are stored with a specific instance IP and when the load balancer forwards to the other node, the session is not valid. So I wonder if there would be a way to make sessions valid across all nodes. I see there is a laravel configuration in the sessions file called "domain" but changing that to the load balancer ip didn't help either.
Level 1
I ended up installing the TrustedProxy package and it works perfectly.
1 like
Level 1
I have the same problem. Can you explain how to and where to install the extension on my servers? I have deployed two Laravel projects in two Digital Ocean instances and one Digital Ocean load balancer with default round-robin format.
Level 54
@lakinduk best to start a new question and link to this for context as this one is marked as solved so won't get as many views as a new thread.
1 like
Level 88
Great!
Level 7
You'd also want to make sure that both apps if using a central DB are using the same APP_KEY other wise CSRF and password hashes won't match up
Please or to participate in this conversation.