How to use Session Affinity without DataProtection? #1982
Description
Discussed in #1924
Originally posted by pinkfloydx33 November 5, 2022
We are running a YARP-based API gateway inside of a Kubernetes cluster. Recently we started getting a lot of exceptions in our logs across multiple environments related to DataProtection by way of Yarp.ReverseProxy.SessionAffinity.CookieSessionAffinityPolicy:
{
"Message": "The request affinity key decryption failed.",
"SourceContext": "Yarp.ReverseProxy.SessionAffinity.CookieSessionAffinityPolicy",
"EventId": {
"Id": 38,
"Name": "RequestAffinityKeyDecryptionFailed"
},
"Exception": {
"Type": "System.Security.Cryptography.CryptographicException",
"Message": "The key {3c41e5c9-ba87-4b12-8a17-312e7326b765} was not found in the key ring. For more information go to http://aka.ms/dataprotectionwarning",
"Source": "Microsoft.AspNetCore.DataProtection",
"TargetSite": "Byte[] UnprotectCore(Byte[], Boolean, UnprotectStatus ByRef)"
}
}Our configurations include Cookie-based session affinity, however we are not managing data protection features ourselves (i.e. no call to AddDataProtection). It's odd that this seems to have only started within the last week. We haven't updated nor re-deployed our application and the pods have been running without interruption--nothing has changed.
Any ideas on why this might be happening? Is it something to be concerned with, and if so, how might we fix it? It doesn't seem to impact actual request proxying so I think it may be harmless... but I wanted to verify anyways.