Does the lua “ngx.balancer” support session re-use ? #67

Closed
wahmed-eg opened this issue Oct 24, 2016 · 2 comments

@wahmed-eg

I am doing NGINX upstream with lua “ngx.balancer”. Balancing HTTPS requests.

In my scenario, HTTP requests are sent every 5 seconds to NGINX, which then balances HTTPS requests to the upstream server.

At this point, lua balancer has only 1 upstream server to load balance from.

All requests use the same “Host”, which means that once the SSL handshake is done, the same session ID can be re-used between NGINX and the upstream server (which is also running NGINX).

    location /one {
       proxy_pass https://upstream;
       proxy_http_version 1.1;

       proxy_ssl_trusted_certificate /my/trusted/certificate.pem;
       proxy_ssl_session_reuse on;
       proxy_ssl_verify on;
       proxy_ssl_verify_depth 2;
       proxy_ssl_name $host;
       proxy_ssl_server_name on;
    }

When using NGINX upstream, without lua “ngx.balancer”, every upstream HTTPS request establishes a new connection, but the SSL session is re-used. In other words, the Client Hello contains the Session ID from the previous connection and the previous session resumes. A full SSH Handshake is not performed.

When using NGINX upstream, with lua “ngx.balancer”, the Client Hello never contains the Session ID from the previous connection. A full SSH Handshake is needed.

Does the lua “ngx.balancer” support session re-use ?

@agentzh
Member

agentzh commented Oct 24, 2016

@eahmwah Session reuse is not yet supported. It's still a TODO. But fortunately you can work around this limitation by using the connection pools via the keepalive directive in your upstream {} block.
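
The keepalive workaround described in the comment above, as an added configuration example that is not part of the original thread or the project's own code. It goes inside the `http {}` block; the peer address `192.0.2.10:443`, the pool size `10` and the listen port are constructed placeholders, while the `location /one` settings are the ones posted in the issue.

```nginx
# Added example: ngx.balancer upstream with a keepalive connection pool.
upstream upstream {
    server 0.0.0.1;   # placeholder entry; the real peer is chosen in Lua below

    balancer_by_lua_block {
        local balancer = require "ngx.balancer"

        -- Constructed peer address (placeholder); the issue has a single upstream server.
        local ok, err = balancer.set_current_peer("192.0.2.10", 443)
        if not ok then
            ngx.log(ngx.ERR, "failed to set the current peer: ", err)
            return ngx.exit(500)
        end
    }

    # Pool of idle upstream connections kept per worker process.
    # Declared after the balancer directive so the balancer is active first.
    keepalive 10;
}

server {
    listen 8080;   # placeholder port

    location /one {
        proxy_pass https://upstream;
        proxy_http_version 1.1;
        # Clear the default "Connection: close" so the upstream connection stays open.
        proxy_set_header Connection "";

        # Upstream certificate verification, unchanged from the issue.
        proxy_ssl_trusted_certificate /my/trusted/certificate.pem;
        proxy_ssl_session_reuse on;
        proxy_ssl_verify on;
        proxy_ssl_verify_depth 2;
        proxy_ssl_name $host;
        proxy_ssl_server_name on;
    }
}
```

With the pool in place, the TLS handshake and certificate verification happen once per pooled connection rather than once per request. Idle connections are matched on peer address, which fits the scenario in the issue, where every request carries the same Host.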

@wahmed-eg
Author

ok thanks
