One situation was looking at splitting web traffic across multiple servers. In our case, we had only 2% of our website that would spike and increase our load by %1000 percent (I’m not joking) for a short period of time. So instead of doing traditional load balancing, we opted for routing specific functions to a custom subdomain that would run on another server. That way if the thousands of crazy video game players (you know who you are), slam the servers trying to get a cool skin for their online avatar, it would only take down that one section.
Well, we were using PHP Sessions, and as you might know, they are file based. The problem is that when it’s file based, server A by default won’t have access to server B’s session files. This makes having a user stay logged in between servers a real pain.
After researching all sorts of possibilities, we decided to take the shortest route. You can write your own PHP Session Handlers, but dealing with race conditions and other pitfalls are left to the developer.
So, we decided to use the built in memcache session handler that has all the extra tricky stuff built in. All it takes is installing the php memcache module, and a few php.ini changes outlined here. I’ve copied the text here to keep a record of it.
The first thing is to install the memcached server on your Debian server :
apt-get install memcached
Then, since the memcache PECL extension now provides its own session handler, it’s easy to plug PHP and memcached servers. Just install the appropriate extension (from Dotdeb) :
apt-get install php5-memcache
and change some of your PHP settings :
session.save_handler = files
; session.save_path = “N;/path”
session.save_handler = memcache
; change server:port to fit your needs…
That’s all! After relaunching your Apache2 server, your PHP sessions will be stored on the memcached server.
Now, you’ll need to have memcached, the service, running somewhere that all your php web servers can access. In presentations I’ve given about memcached, I talk about how memcached as zero built in security (well, maybe 0.1% security, close enough to zero). So you need to secure it with iptables so that only the web servers can access your memcached service.
Tomorrow if I have time I might quickly document my experience of getting a Ubuntu 10.04 server running nginx + php. I was surprised at how easy it was, and even figuring out some more advanced configs were not bad.