When a site uses Nginx + PHP for load balancing, the same IP access to the same page will be allocated to different servers. If the session is not synchronized, there will be many problems, such as the most common login status.

Here are several ways to synchronize sessions in nGINx load balancing

1) Use cookies instead of session

Session is stored in the server, cookie is stored in the client, we can put the session generated by the user to visit the page into the cookie, that is, cookies as the transfer station. You go to Web server A, you create A session and you put it in A cookie, and when your request is sent to server B, server B determines whether the server has A session, and if it doesn’t, then it checks whether the cookie on the client has A session, and if it doesn’t, If there is a sessoin in the cookie, synchronize the sessoin in the cookie to server B. Then the session is synchronized.

Note: This method is simple to achieve, convenient, and will not increase the burden of the database, but if the client cookie is banned, then the session will not be able to synchronize, which will bring losses to the website; Cookie security is not high, although it has been encrypted, but still can be forged.

2) The session is stored in the MySQL database

PHP can be configured to store sessions in the database. This method is to store the session table together with other database tables. If mysql is also clustered, each mysql node should have the session table, and the session table should be synchronized in real time.

But be warned:

Using a database to synchronize sessions will increase the IO of the database and increase the burden of the database. In addition, the database read and write speed is slow, which is not conducive to timely synchronization of sessions.

3) Session is stored in memcache or Redis

Memcache can be distributed. In the PHP configuration file, the storage mode is set to memcache. In this way, PHP will set up a session cluster and store session data in memcache.

Special note:

Synchronizing sessions in this way does not add to the database burden, and is much more secure than using cookies. Putting sessions into memory is much faster than reading from a file. However, memcache divides the memory into blocks of various sizes. As a result, memcache cannot fully utilize the memory, resulting in memory fragmentation. If there are not enough blocks, memory overflow will occur.

4) Use the IP_hash mechanism of Nginx

The IP_hash technology in Nginx directs requests from an IP address to the same backend Web machine, so that a client under that IP and a backend Web machine can establish a solid session.

In other words, the IP_hash mechanism allows a client to access only one real Web server on a fixed back end for an extended period of time, so that the session is kept alive and we don’t hop back and forth between Web servers when we login to a Web page. There will be no natural landing site and remind you that you did not need to re-login;

Ip_hash is defined in the upstream configuration:

Upstream: upstream nginx.example.com {server; Server; ip_hash; } server { listen 80; location / { proxy_pass http://nginx.example.com; }}

Ip_hash is easy to understand, but since only the IP factor can be used to assign the back-end Web.

Therefore ip_hash is flawed and cannot be used in a number of cases:

A) Nginx is not the most front-end server.

Ip_hash requires that nginx be the front-end server. Otherwise, nginx cannot hash based on the IP if it fails to obtain the correct IP address. For example, if squid is used as the front end, then nginx can only get the IP address of squid server, using this IP address is definitely wrong.

B) There are other ways to load balance the nginx backend.

If there are other load balancers on the Nginx backend that divert requests in a different way, then a client’s requests cannot be directed to the same session application server. The nginx backend can only point directly to the application server, or a SQUID, and then point to the application server. The best way to do this is to use location as a single stream, where part of the requests that require a session are routed through the IP_hash, and the rest go to the other backend.

-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- by the way, before the line used in nginx load balancing session sharing deal -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- is the third leg above way, Store sessions in memcached. Some of the company's website pages (LNMP framework) involve login requirements (sessionID), using memcache service, cache PHP sessionID in memcache. Putting the sessionID in memcache will speed up page access. If the memcache contains only sessionids and no other business, then the memcache server will not consume much memory! First, ensure that the PHP extension module supports memcached functionality (that is, always install PHP memcached extension module) [root@huanqiu vhosts]# / Data/app/php5.5.1 / bin/PHP -m[PHP Modules] .......... memcached ........... Problems encountered: In the process of migrating website business (the new memcache machine is used after migrating), because the memcache connection information in php.ini and code is not modified in time or not completely modified, the page access speed after migrating is a little slow and there is a bit of a jam! Finally, check carefully, change all the configuration of memcache connection information, after the migration of the page access speed is normal! 1) First deploy three memcache servers with host names memcache1.server, memcache2.server, and memcache3.server, and start the corresponding ports. Note that the memcache service ports to which no business is applied cannot conflict. Such as: Service A uses port 11021,11022,11023 of the memcache1-3 server. Service B uses port 11031,11032,11033 of the memcache server. Deploy three memcache1, memcache2, and memcache3 to enable corresponding cache ports [root@memcache2 ~]# ps -ef|grep memcache
root      6139     1  0 May30 ?        00:00:05 /usr/bin/memcached -d -m 512 -p 11021 -u root -c 4096 -P  /var/lib/memcache/logs/memcached_11021.pid
root      6184     1  0 May30 ?        00:00:05 /usr/bin/memcached -d -m 512 -p 11022  -u root -c 4096 -P /var/lib/memcache/logs/memcached_11022.pid
root      6198     1  0 May30 ?        00:00:05 /usr/bin/memcached -d -m 512 -p 11023 -u root -c 4096 -P  /var/lib/memcache/logs/memcached_11023.pid
root      6214     1  0 May30 ?        00:00:05 /usr/bin/memcached -d -m 512 -p 11031 -u root -c 4096 -P  /var/lib/memcache/logs/memcached_11031.pid
root      6229     1  0 May30 ?        00:00:05 /usr/bin/memcached -d -m 512 -p 11032 -u root -c 4096 -P  /var/lib/memcache/logs/memcached_11032.pid
root      6244     1  0 May30 ?        00:00:05 /usr/bin/memcached -d512 - m - 11033 - u root - 4096 - c p p/var/lib/memcache/logs/memcached_11033 pid will be powered up for the above program is added to the/etc/rc. The local A) For example, service A first sets the host mapping in /etc/hosts on the corresponding service server (if the internal network of the memcache machine can be pinged, the internal network is used).#vim /etc/hostsServer memcache1.server memcache2.server memcache3. server First set memcache in PHP php.ini#vim /Data/app/php/etc/php.ini. [Session] session.save_handler = memcached session.save_path ="memcache1.server :11021,memcache2.server :11022,memcache3.server :11023"Then restart the PHP service and use memcache in the appropriate code, such as:# vim main.php
     $config['params'] ['erp_host']   = 'http://www.xqshijie.com'; // The following is the memcache configuration, change the corresponding parameters to the corresponding environment$config['components'] ['cache'] ['class'] = 'system.caching.CMemCache';
                        $config['components'] ['cache'] ['useMemcached'] = 'true';
                        $config['components'] ['cache'] ['keyPrefix'] = ' ';
                        $config['components'] ['cache'] ['hashKey'] = false;
                        $config['components'] ['cache'] ['serializer'] = false;
                        $config['components'] ['cache'] ['servers'] [0] ['host'] = 'memcache1.server';
                        $config['components'] ['cache'] ['servers'] [0] ['port'] = 11021;
                        $config['components'] ['cache'] ['servers'] [0] ['weight'] = 10; . B) Service b Set host mapping in /etc/hosts of the corresponding service server (if the internal network of the memcache machine can be pinged, the internal network is used)#vim /etc/hostsServer memcache1.server memcache2.server memcache3. server First set memcache in PHP php.ini#vim /Data/app/php/etc/php.ini. [Session] session.save_handler = memcached session.save_path ="memcache1.server :11031,memcache2.server :11032,memcache3.server :11033"Then restart the PHP service and use memcache in the appropriate code, such as:# vim main.php
     $config['params'] ['erp_host']   = 'http://erp.fangfull.com'; // The following is the memcache configuration, change the corresponding parameters to the corresponding environment$config['components'] ['cache'] ['class'] = 'system.caching.CMemCache';
                        $config['components'] ['cache'] ['useMemcached'] = 'true';
                        $config['components'] ['cache'] ['keyPrefix'] = ' ';
                        $config['components'] ['cache'] ['hashKey'] = false;
                        $config['components'] ['cache'] ['serializer'] = false;
                        $config['components'] ['cache'] ['servers'] [0] ['host'] = 'memcache1.server';
                        $config['components'] ['cache'] ['servers'] [0] ['port'] = 11031;
                        — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — clean the memcache caching method: Telnet localhost 11211 flush_all = Telnet localhost 11211 flush_all = Telnet localhost 11211 flush_all = Telnet localhost 11211 flush_allecho "flush_all"| nc localhost 11211 after using flush_all is not delete the key on the memcache, but is set to expire

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — – PHP. Ini associated Settings on the session attribute in the — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —


Session. use_cookies: indicates whether to use cookies to store session ids on clients. 1 indicates that session ids are enabled and 0 indicates that session ids are disabled

Copy the code

If session.use_cookies = 1 Indicates the storage mode of the sessionID used on the client. If 1 indicates that cookies are used to record the sessionID of the client. $_COOKIE[‘ PHPSESSIONID ‘] is the element in the $_COOKIE variable

Common scripting languages will support the “session mechanism” natively, such as PHP program configuration: Ini session.use_cookies = 1. Use cookies to save the session ID on the client

2) session. Auto start:

Modify the following options in php.ini: Sessioin. auto_start=1 Sessioin. auto_start=1 Never forget to execute session_start() or session_start() in the wrong place in the program. The downside is that if you’re using third-party code, you’ll have to remove all session_start() or you won’t get the correct results.


If the contents of the session are stored in a file, where is the file?

If this parameter is not specified, it is used by default on Linux"/tmp"Directory. As specified online in the php.ini configuration file, session contents are stored in the memcache. By default, session contents are stored in files, i.e. session.save_handler = files, but we are setting session contents to be stored in memcache

Configuration in online environment:

[Session]; Handler used to store/retrieve data.; http://php.net/session.save-handler; session.save_handler = filessession.save_handler = memcachedsession.save_path ="memcache1.huanqiu.com:11311,memcache1.huanqiu.com:11312,memcache2.huanqiu.com:11311,http://memcache2.huanqiu.com:11312"


Setting the life cycle of the session

A) What is the default lifetime of a session?

Answer: Close the browser and it will not work

Reason: Because session_id exists in cookies, cookies fail to close the browser by default

B) How to set the session lifetime to 30 minutes?

Set session.cookie_lifetime = 1800 in the php.ini file

Online production environment is set to 7 days, the life cycle is a week; Lifetime in seconds of cookie or, if 0, until browser is restarted.; http://php.net/session.cookie-lifetimesession.cookie_lifetime = 604800

5) Session name; Name of the session (used as cookie name).; http://php.net/session.namesession.name = PHPSESSID

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — the simple difference between sessions and cookies — — — — — — — — — — — — — — — — — — — — — — —

The session and cookie are essentially two things, but the cookie is also the carrier of the session ID, and the cookie holds the session ID.

1) Cookie data is stored on the client’s browser, and session data is stored on the server.

The session is stored on the server regardless of browser Settings, while cookies are stored on the client and subject to browser Settings.

Cookies are stored on your computer, sessions are stored on the server. So if you go to a different computer and your cookie doesn’t work, your session is still accessible as long as your browser is turned off. It’s usually a combination of the two.

You can disable cookies yourself by setting your browser to do so. That’s not going to work.

2) Cookies are not very secure. Others can analyze cookies stored locally and cheat cookies. For security, session should be used.

Session is the server-side cache and cookie is the client-side cache. The cookie mechanism maintains state on the client, while the session mechanism maintains state on the server.

3) The session will be stored on the server for a certain period of time.

Cookies should be used to reduce server performance when the number of accesses increases.

Session is a scheme for the server to keep the status information of the client. Generally, it is stored in a block of memory on the server, and the session timeout period is set on the server.

Cookie is a solution for the client to keep user information, usually in the form of a file, and the cookie clearing time is set in the client browser.

From the perspective of development, session information can be written to the client through technical solutions and saved. User information in cookies can also be automatically updated when users visit the website through technical means.

4) The data saved by a single cookie cannot exceed 4K. Many browsers limit the maximum number of cookies saved by a site to 20.

5) Suggestion: Store important information such as login information as session; Other information can be stored in cookies if needed

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — open session function — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

It is important to enable the session function, for example, in the following scenario: a website is debugging on the test server, the front page is OK, but when it goes to the background to log in, it fails to log in. At first, it is supposed to be the rewrite rule, but later it is checked because the session function is not enabled.

So how should sessions be opened?

1) Edit the php.ini configuration file session.save_path= register_globals = On $_SESSION[‘sessioname’]; $_SESSION[‘sessioname’]; But I’ve never been successful.

2) Restart the PHP server (if lamp mode is used, restart Apache)

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — take a look at a Session under Linux lost case analysis — — — — — — — — — — — — — — —

Code migration is required for various reasons. After migration, rebuild the PHP environment and run the code. Finally, when I find that the background cannot be accessed on the login page, I will directly return to the login page, and then test the code without any error. The final check is caused by the loss of session during the jump!

So how does a session get lost? There are several reasons for this:

A) The session storage path (directory) does not exist, so temporary session files cannot be generated naturally. B) There is no permission in the session storage path. If there is no permission, session data cannot be stored

Measures to try to solve:

A) Create a phpinfo.php file in the project root directory, write phpinfo() to the file, run this file, check the page, you can find the session storage path,

B) Check whether the session storage path exists on the server. If not, create a storage directory and assign permissions. If there is a session storage path, check whether it has permissions.

C) If the third cause is date.timezone, you can check whether date.timezone is set incorrectly in phpinfo.php and then configure it in the php.ini configuration file

What to know:

Save_handler = memcached; save_handler = memcached; save_handler = memcached; Then configure connection memcache information at session.save_path. Such as: session.save_handler = memcached session.save_path =”memcache1.huanqiu.com:11311,memcache1.huanqiu.com:11312,memcache2.huanqiu.com:11311,http://memcache2.huanqiu.com:11312 “


Session. save_path does not need TCP :// If session.save_path does not need TCP :// if session.save_path does not need TCP ://

Save_handler = redis (if PHP phpredis extension is installed); Then configure the connect address of Redis at session.save_path.

As follows:

session.save_handler = redissession.save_path = "TCP: / /"