
Kubernetes ingress-nginx sticky session isn't working with spring security


The following change fixed the problem. Without a host definition in the rules, ingress-nginx doesn't set the session cookie.

There is an open issue: https://github.com/kubernetes/ingress-nginx/issues/3989

```yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-nginx
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/affinity: "cookie"
    nginx.ingress.kubernetes.io/session-cookie-name: "route"
    nginx.ingress.kubernetes.io/session-cookie-expires: "172800"
    nginx.ingress.kubernetes.io/session-cookie-max-age: "172800"
    nginx.ingress.kubernetes.io/session-cookie-path: /ingress-test
    # UPDATE THIS LINE ABOVE
spec:
  rules:
    - host: www.domainname.com
      http:
        paths:
          - path: /ingress-test
            backend:
              serviceName: ingress-test
              servicePort: 31080
```


The reason Spring changes the cookie is to prevent session fixation (more information can be found here: https://www.owasp.org/index.php/Session_fixation). In your case you are using the same cookie for the sticky routing policy that is used by Spring for session handling.

I suggest using a different cookie name - it will be created by nginx and there is no need to use a cookie that is used by the application.
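As an added example (not code from either answer or from the ingress-nginx project), the two conditions described above can be checked before a manifest is deployed: an affinity cookie that shares its name with the application's session cookie, and a rule without a host. The function names, the sample manifests and the default list of application cookie names (`JSESSIONID`, `SESSION`) are assumptions made for this sketch.

```python
import json

AFFINITY = "nginx.ingress.kubernetes.io/affinity"
COOKIE_NAME = "nginx.ingress.kubernetes.io/session-cookie-name"
# Assumption: the servlet default and the Spring Session default cookie names.
# Pass the names your application actually issues.
APP_SESSION_COOKIES = ("JSESSIONID", "SESSION")


def lint_ingress(manifest, app_cookies=APP_SESSION_COOKIES):
    """Return findings for one Ingress object given as a parsed dict."""
    annotations = manifest.get("metadata", {}).get("annotations") or {}
    if annotations.get(AFFINITY) != "cookie":
        return []  # cookie affinity is off, nothing to check
    findings = []
    name = annotations.get(COOKIE_NAME, "")
    if name.lower() in {c.lower() for c in app_cookies}:
        findings.append(
            f"affinity cookie '{name}' is also the application session cookie; "
            "the application reissues it at login, so pick a separate name")
    for i, rule in enumerate(manifest.get("spec", {}).get("rules") or []):
        if not rule.get("host"):
            findings.append(f"spec.rules[{i}] has no host; the affinity "
                            "cookie may not be set for this rule")
    return findings


def lint_json(text):
    """Lint a manifest given as JSON text, e.g. `kubectl get ingress NAME -o json`."""
    return lint_ingress(json.loads(text))


def sample(cookie_name, host):
    """Build a constructed Ingress manifest (JSON text) for the demo."""
    rule = {"http": {"paths": [{"path": "/ingress-test"}]}}
    if host:
        rule["host"] = host
    return json.dumps({
        "kind": "Ingress",
        "metadata": {"name": "ingress-nginx", "annotations": {
            AFFINITY: "cookie", COOKIE_NAME: cookie_name}},
        "spec": {"rules": [rule]}})


if __name__ == "__main__":
    for text in (sample("JSESSIONID", None), sample("route", "www.domainname.com")):
        print(lint_json(text) or "ok")
```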