Jump to content

SessionStorage

From Wikitech
This page is currently a draft.
Material may not yet be complete, information may presently be omitted, and certain parts of the content may be subject to radical, rapid alteration. More information pertaining to this may be available on the talk page.

Session storage provides application servers with shared access to user session data, making this service critical to site functionality for logged in users. It utilizes Kask, a RESTful opaque key/value storage abstraction on top of Apache Cassandra, deployed in an active/active configuration in both the eqiad and codfw data-centers.

Production Environment

Service endpoints

Discovery

https://sessionstore.discovery.wmnet:8081/sessions/v1

eqiad

https://sessionstore.svc.eqiad.wmnet:8081/sessions/v1

codfw

https://sessionstore.svc.codfw.wmnet:8081/sessions/v1

staging

https://staging.svc.eqiad.wmnet:8081

Prometheus metrics

https://sessionstore.discovery.wmnet:8081/metrics

Readiness

https://sessionstore.discovery.wmnet:8081/healthz

Cassandra

Given the sensitivity of the information stored, a dedicated Cassandra cluster is used.

Monitoring and debugging

Sessionstore has a Grafana dashboard.

Failures in sessionstore operation are very likely to have an impact upon user sessions in a variety of ways. Reports of CSRF token failures are a frequent giveaway. Spiking errors of save failures on the Edit Count dashboard and spiking MediaWiki login errors are also a common sign of issues with sessions.

Common Tasks

Deployment

k8s

Follow the Kubernetes documentation for the sessionstore service.

The namespace and Kubernetes service is called "sessionstore" while the Helm chart used is named "kask".

Deployment-prep

Unlike production, Docker is used to deploy the session storage service in the deployment-prep environment.

In a web browser:

  1. Visit https://horizon.wikimedia.org
  2. Select the deployment-prep project
  3. Select Project → Compute → Instances (in the sidebar)
  4. Locate and select the deployment-sessionstore04 instance
  5. Select the Puppet Configuration tab
  6. Scroll to the bottom of the page, and click edit for Hiera Config (see below)
  7. Click "Apply Changes"
  8. Run sudo run-puppet-agent from deployment-sessionstore04
Sample Hiera Config
profile::cassandra::instances:
  deployment-sessionstore02.deployment-prep.eqiad1.wikimedia.cloud: {}
profile::docker::engine::declare_service: true
profile::docker::engine::settings: {}
profile::docker::engine::version: 1.12.6-0~debian-jessie
profile::docker::runner::service_defs:
  mediawiki-services-kask:
    config:
      base_uri: /sessions/v1
      cassandra:
        authentication:
          password: cassandra
          username: cassandra
        hosts:
        - deployment-sessionstore02.deployment-prep.eqiad1.wikimedia.cloud
        keyspace: sessions
        table: values
      default_ttl: 86400
      listen_address: 0.0.0.0
      listen_port: 8080
      openapi_spec: /go/src/gerrit.wikimedia.org/r/mediawiki/services/kask/openapi.yaml
      service_name: sessions
    namespace: wikimedia
    override_cmd: ./kask --config /etc/mediawiki-services-kask/config.yaml
    port: 8080
    version: v1.0.10
The contents of mediawiki-services-config.config are written verbatim to the container as /etc/mediawiki-services-kask/config.yaml (the Kask configuration file)
Use mediawiki-services-kask.version to specify the Kask Docker image tag. Use mediawiki-services-kask.port to assign the port Kask will listen on.

Pool and Depool

FIXME: Stub.

See also