PHP multiple servers cross-domain session sharing

Web site Business scale and the gradual development of traffic, originally by a single server, a single domain of the mini-site architecture has been unable to meet the development needs.

At this point we may purchase more servers, and enable multiple level two subdomains to be deployed on separate servers based on business functions, or to share a set of servers across multiple channels via load balancing techniques such as DNS polling, Radware, F5, LVS, and so on.

OK, we've already conceived the solution in mind, but the new technical issues that go into deep development come with it:

We deploy the site program distribution to multiple servers, and independent of several two-level domain names, due to the implementation of the session is limited by the principle (the session in PHP by default in the form of files stored on the local server's hard disk), so that our website users have to often back and forth between several channels to enter the user name, Password login, the user experience is greatly discounted, in addition, the original program can be directly from the user session variable read data (such as: nickname, integration, login time, etc.), because the session variable cannot be updated across the server synchronization, forcing developers to read and write the database in real time, thereby increasing the burden of the database.

As a result, the need to resolve the site cross-server session sharing program needs to become urgent, eventually spawned a variety of solutions, the following list of 4 more feasible scenarios to compare and discuss:

1. NFS-based session sharing

NFS is the abbreviation for Net filesystem, which was originally developed by Sun to address directory sharing among UNIX network hosts.

This solution is the simplest, no need to do too much two development, only need to mount the shared directory server to the local session Directory of each channel server, the disadvantage is that NFS relies on complex security mechanism and file system, so the concurrency efficiency is not high, Especially for the session such a high concurrency read-write small files, due to the io-wait of the shared directory server is too high, ultimately drag the execution efficiency of the front-end Web application.

2. Database-based session sharing

The first choice of course is the famous MySQL database, and it is recommended to use memory table heap to improve the read and write efficiency of session operation. The utility of this scheme is relatively strong, I believe that everyone is widely used, its disadvantage is that the session's concurrent reading and writing ability depends on the performance of MySQL database, at the same time need to implement the session elimination logic, in order to periodically update from the data table, delete session records, When concurrency is too high, table locks are prone, although we can select the table engine for row-level locks, but we have to deny that using the database storage session is a bit of a overkill posture.

3. Cookie-based session sharing

We may be unfamiliar with this scheme, but it is more commonly used in large websites. The principle is to encrypt and serialize the session information of the entire station user, in the way of cookies, Uniformly planted under the root domain name (e.g.. host.com), when using a browser to access all level two domain name sites under the root domain name, the feature of all cookie content corresponding to the domain name is passed, thereby enabling the user's cookie session to share access across multiple services.

The advantages of this scheme do not require additional server resources, the disadvantage is that due to the limit of the length of the HTTP protocol header, only a small subset of user information can be stored, while the cookie session content needs to be secured and decrypted (such as: DES, RSA, etc. for plaintext and decryption; again by MD5, SHA-1 and other algorithms for anti-counterfeiting authentication), in addition it will also occupy a certain amount of bandwidth resources, because the browser will be in the request of any resources under the current domain name, the local cookie appended to the HTTP header to the server.

4. Session sharing based on Memcache

Memcache because it is a memory sharing system based on Libevent multi-path asynchronous I/O technology, simple key +value data storage mode makes the code logic small and efficient, so in the concurrent processing power occupies an absolute advantage, at present I experienced the project reached 2000/s average query, And the server CPU consumption is still less than 10%.

In addition, it is worth mentioning that the Memcache memory hash table is unique to the expires data expiration mechanism, coincides with the expiration mechanism of the session, reducing the code complexity of expired session data deletion, and comparing the "database-based storage scheme", This logic alone creates a huge query pressure on the data table.

Memcache-based storage is the recommended choice for these scenarios!

Other programs still have their use of the occasion, the specific choice of which needs to be developed according to the current server resources, Web site concurrency stress and other comprehensive assessment.

PHP multiple servers cross-domain session sharing