upstream hash consistent seems to depend on order of DNS entries

Ian Morris Nieves imnieves at
Sat Feb 1 19:48:00 UTC 2020

Hello all,

Here is the setup:
- I am running nginx in a single docker container and it has an upstream to a docker service which is composed of 3 docker containers (which happens to be php-fpm)
- the service is configured to _not_ expose a single virtual ip address (vip), instead the service exposes the ip addresses of all 3 containers through docker’s built-in DNS.  When this DNS is asked for the IP address of the service it will respond with a list of 3 IP address but the list will rotate in round-robin fashion each time a lookup is performed.  Thus the first IP in the list will not be the same for any 2 consecutive lookups.

My first question is:
Is it the correct behavior that consistent hashing depends on the order of IP addresses in the DNS query response?  I can imagine arguments either way, and it is possible that this critical detail is outside the scope of consistent hashing.  I will also forward this question to the author of Ketama.

My last question is:
Does is make sense to give nginx the capability to do consistent hashing that is not dependent on the order of IP addresses in the DNS query response?  Perhaps it can order/sort the IP addresses in the response into some canonical ordering.  I am finding that Docker (unlike Kubernetes) forces me to receive my DNS query responses with IP addresses shuffled in round robin.  Docker will not allow me to receive “consistently” ordered IP addresses in a DNS query response.  Perhaps in addition to the “consistent” flag in nginx, there could also be a flag like “sorted-ip” which will sort the IP addresses before applying the the hash algorithm.


More information about the nginx mailing list