In this part of my series we’ll get closer to the fundamentals of our application. In the last article we’ve outsourced our mail server to the cloud. Now we want to do the same with our database server to get rid of all the tasks that come with hosting a database server like setup, configuration, maintenance, backups, security, replication or updates. Amazon provides a really straightforward solution: RDS
By default, PHP persists every user session to a single file stored in the system’s default temporary directory. You can go there, open an arbitrary session file – most likely prefixed by
sess_ – and you will find a serialized array which represents the contents of the global
$_SESSION array which is available to your scripts. Ok, this works great, so what’s the problem with this setup?
Actually, there is nothing wrong with using the file based session storage. But with growing demands some downsides of this approach may attract your attention:
- The system’s temporary directory is a shared directory: session files of different applications and temporary files of foreign processes may also use this location. In case of a security issue your user sessions may be compromised. This may be solved by configuring a unique session save path per application and put an
open_basedirrestriction on top to prevent unauthorized access. This applies all the more if your application is installed on a shared server. In contrast, a database can make use of its access management, you will just need to setup an excluvise account for your session table.
- There are no simple means to increase file access performance. In constrast, a database usually knows a lot of concepts to improve performance like indexing and clustering.
- As soon as you want to run your application on multiple servers for reliability and performance reasons you will prefer to store session data in a central location that is common to all webservers. Thus, every webserver shares the same pool of session data and it doesn’t matter which webserver of your cluster serves two subsequent requests of the same client.
Implementing a different session save handler in raw PHP is quite well described in the PHP documentation, so we will focus on how to do the Symfony2 configuration for this requirement. Continue reading “Moving to the cloud part 2: Enabling database session storage”
Dieser Beitrag handelt von einem Thema mit dem wir eigentlich schon oft zu tun hatten und auf die ein oder andere Weise implementiert haben. Und doch stellt es uns immer wieder neu vor die Frage wie man es eigentlich »richtig« macht, ganz abgesehen von Besonderheiten die jeder spezielle Fall mit sich bringt: Aggregatsfelder bzw. Aggregate Fields.