Today, Billions of people worldwide access web applications over various networks including the Internet. Based primarily on the HTTP Protocol, web applications are an economical way for businesses to interact with their customers and employees through ubiquitous browsers. The ability to update and maintain web applications without distributing and installing software on potentially thousands of client computers is a key reason for the proliferation of web applications.
Understanding Stateless and Stateful Applications
In Information Technology, stateful and stateless are sometimes used to describe the interactions between two entities (End Users and Web Applications). Stateless means there is no record of previous interactions between the entities. Each interaction is discrete and unrelated to those that precede or follow and handled using only the information that comes with it. Stateful, on the other hand, means the entities interact with each other in a manner that keeps track of one or more preceding interactions (states).
In the above example, Stateless does not maintain any interaction, thus the user receives a new refreshed webpage, but in Stateful, the record is maintained and keeping the information of the last interaction with the webserver.
Maintaining State in a Stateless Environment
Most applications are based on logical flows and processes that are predicated on the ability to maintain state across multiple user interactions. For example, a customer using an e-commerce application might interact with many product pages, adding items to a shopping cart and then paying for those purchases during the checkout process, such interactions are Stateful. Moreover, the application must keep track of who the customer is to be able to associate them with their respective shopping cart. This process can be achieved through two State Management Mechanisms: Sessions and Cookies.
Although not used exclusively by the HTTP Protocol, sessions provide a way for a web application to maintain state across multiple user interactions. When a user connects to a server for the first time, a corresponding session is created in the server’s memory and associated with the connection. Application developers can use that session area as a place to store application-state data such as customer ID, shopping cart number, or even page display options.
There are some inherent problems with using the session data alone to manage applications’ state information. The session can become disassociated from the connections if the connection times out. The timeout for a connection is typically much shorter than the timeout for a session. This can result in the session remaining in memory on the server even after its associated connection has been terminated due to inactivity.
Cookies are bits of data stored on the client by the browser and shared between the client’s browser and the web application server via two cookie-related HTTP headers: Set-Cookie and Cookie. Cookies provide a mechanism for maintaining and managing the state in an HTTP application. The application typically sets the cookie value using the Set-Cookie and the browser shares unexpired cookies back with the application using Cookie. Cookies are passed back and forth between browser and application using HTTP.
The browser automatically knows to store a cookie shared by a web application in a file on the client and keeps track of these cookies on a per-domain basis. Many browsers allow you to view cookies stored by a browser.
E.g., Cookie data from an Amazon session, as shown via Chrome browser’s Inspect Element option.
Unexpired cookies for a given domain are always passed to the server by the browser in the Cookie HTTP header. Many modern web applications use a session’s identifier and pass it along as a Cookie, enabling the application to find the session data on the server, even after the connection from which the session was created is closed or times out. Through this exchange of Session ID between browser and application, State is maintained.
Stateful Applications in a Load Balancing Environment
When the client connects to an application via the appropriate virtual server, the load balance load balances the connection to one of the virtual server’s nodes (server). The server creates a session in memory, the application obtains the Session ID and passes it back to the client’s browser via a cookie in the HTTP response header. Next time when the same client connects to the application assuming the original connection is now expired, the virtual server’s default behavior is to load balance this new connection which may be directed to a completely different server depending on the load balancing method. In order to maintain the user session to the same server overriding the load balancing method requires Persistency or also known as Stickiness of the session.
Persistence feature tracks and stores the persistence data, such as the specific server that previously serviced a client connection, ensuring that multiple connections are directed to the same server throughout the life of Persistence Record.
If Persistence is needed to support state management for an application, then the virtual server for that application can be configured with Persistence Profile, which instructs the load balancer to treat the clients differently. Persistence ensures that a series of stateful interactions between clients and applications are directed to the same server.
In pursuit of the requirement to not only maintaining the sessions but also maintaining the session with the same server in parallel to provide load balancing between the servers, we require Persistency on Load Balancers. We will be discussing Persistency Methods in our next blog.
Zindagi Technologies Pvt. Ltd. is an IT consultancy and professional services organization providing years of expertise in planning, designing, and deployment of Network and Security technologies. For more details, feel free to reach out to us at +919773973971.