Storing sessions in Memcached: The pitfalls
S ome projects have a lot of web servers mostly need a Memcached to store non-sticky sessions. Thus, the users can access to different web servers without any session problem.
One fine day…
While everything is going right in your project, suddenly some users encountered automatically log out problem.
Immediately, you checked your code base. Everything was ok in your code base though…
Most probably Memcached would delete your users’ session data.
Let’s say; X user could log in to the website and his session data wrote to Memcached. Right after, hundreds of users could log in to the website and there was no sufficient space in Memcached. the X user’s session data has deleted and in this way logged out.
Well, why Memcached deleted his session data?
For instance; You set up 64 MB (example value) memory to Memcached and it filled up. Memcached would be applying LRU ( Least Recently Used ) to keys.
In this case, the deleted key will be X user’s session.
Another problem; Memcached doesn’t support persistent storage.Therefore, if you shutdown and start Memcached for some reason (configuration changes, restart OS, hardware upgrade etc.) then you will lose the session data. So, your users will lose their sessions while they are active in the website. It might be unpleasant experience for your customers.
If you don’t want to lose the sessions then you will have to store the sessions in a database that supports persistent storage.
P.S.: I’m not a native speaker of English.