Camunda cockpit login fails, when multiple instances of camunda spring starter project deployed on different kubernetes Pods

I am developing an application that uses camunda for workflows. I have created a ca,munda spring starter project and a, deploying multiple instances of the same on different kubernetes pods. In test the http request goes via istio to the kube port (each kube has a different Virtual IP and port)
However when I try to login to cockpit using teh default user I get the below error
Error : CSRF Error : Invalid Header Token

Version : 7.14.0 with default context root for cockpit

Login works fine if I use a single instance while deploying.

Has someone faced a similar issue? Can someone please suggest what might be happening

You need to implement sticky sessions for calls made to cockpit.
What can sometimes happen is that the first call you make will authenticate the user on a specific node and then the second request will be sent to a node for which the user hasn’t been authenticated yet. That could be the issue here.

@Niall Hello Niall,

I’m fairly new to Kubernetes. By any chance, could you refer me to any detail on how sticky sessions would be implemented in the context of Kubernetes?


We have the same issue but to complicate things we have istio. So far we haven’t been able to properly configure sticky sessions with Camunda and istio. Anyone managed to do so?