8.3.1. HTTP(S) - Layer 7 load balancing

This page provides information about recommended ways to use sessions with a Layer 7 load-balancer.

Most load-balancers have the ability to provide cookies for pinning subsequent traffic from a client to the appropriate server. This method is called sticky session, session persistence or session affinity. Using cookies efficiently requires the client to know when a cookie should be sent, should not be sent or should be deleted.

Sticky session load balancing

Each Metadefender Core v4 instance has its own databases and application sessions that cannot be seen by other instances. Therefore, in order to get the related data/response to our queries we should ask the appropriate Metadefender Core v4 server. On the other hand, to keep the advantages of the used load balancing method, cookies should not be sent if it is not necessary.

Single file scanning

Steps

No.

Stage

Task

Cookie usage

1.

Sending file

Initiate processing a file on the client side. Send file through the load-balancer. (See REST API: Scan A File)

Cookie should not be sent.

2.

Save the cookie and the data_id you got from the load-balancer

Save cookie

3.

Getting result

Request result related to data_id saved in step 2. (See REST API: Fetch Scan Result)

Send cookie saved in step 2.

4.

If processing is in progress (See REST API: Fetch Scan Result), wait a little while and repeat step 3.

Send cookie saved in step 2.

Batch scanning

Steps

No.

Stage

Task

Cookie usage

1.

Open batch

Initiate processing file(s) in batch. Request a batch ID through the load-balancer. (See REST API: Initiate Batch)

Cookie should not be sent.

2.

Save the cookie and the batch_id you got from a Core server through the load-balancer.

Save cookie

3.

Sending files

Send file through the load-balancer. (See REST API: Scan file in batch)

Send cookie saved in step 2.

4.

Save the data_id you got from the load-balancer.

-

 

Status/result of scanning of sent files can be queried: (See REST API: Fetch Scan Result)

Send cookie saved in step 2.

5.

Repeat step 3-4. with files wanted to be in the same batch.

-

6.

Getting batch status

See REST API: Status of Batch

Send cookie saved in step 2.

7.

Close batch

Tell the server that no more files will be sent to this batch. (See REST API: Close Batch).

(This will only be successful if all the files sent to the batch have been processed already. Repeat this step until batch is closed.)

Send cookie saved in step 2.

8.

Getting results

Request results related to batch ID saved in step 2. (See REST API: Download Batch Signed Result).

Send cookie saved in step 2.

If it does not matter which upstream server responds, then querie should be sent without cookie.

It is recommended not to send cookies when it's not necessary to allow load-balancer to use its own method to share the load between Metadefender Core v4 servers.

Limitations, additional notes

Using load-balancing between Metadefender Core servers does not support:

  • Global scan history

  • Core server administration through load-balancer

OPSWAT products that support HTTP load balanced Metadefender Cores

Product name

Minimum version

Further information

MetaDefender Kiosk

does not support yet

-

MetaDefender Client

does not support yet

-

MetaDefender Email Security

4.3.0

-

MetaDefender ICAP Server

4.3.0

-

MetaDefender Vault

1.3.0

-