SessionStorage
Material may not yet be complete, information may presently be omitted, and certain parts of the content may be subject to radical, rapid alteration. More information pertaining to this may be available on the talk page.
Session storage provides application servers with shared access to user session data, making this service critical to site functionality for logged in users. It utilizes Kask, a RESTful opaque key/value storage abstraction on top of Apache Cassandra, deployed in an active/active configuration in both the eqiad and codfw data-centers.
Production Environment
Service endpoints
Discovery
https://sessionstore.discovery.wmnet:8081/sessions/v1
eqiad
https://sessionstore.svc.eqiad.wmnet:8081/sessions/v1
codfw
https://sessionstore.svc.codfw.wmnet:8081/sessions/v1
staging
https://staging.svc.eqiad.wmnet:8081
Prometheus metrics
https://sessionstore.discovery.wmnet:8081/metrics
Readiness
https://sessionstore.discovery.wmnet:8081/healthz
Cassandra
Given the sensitivity of the information stored, a dedicated Cassandra cluster is used.
Monitoring and debugging
Sessionstore has a Grafana dashboard.
Failures in sessionstore operation are very likely to have an impact upon user sessions in a variety of ways. Reports of CSRF token failures are a frequent giveaway. Spiking errors of save failures on the Edit Count dashboard and spiking MediaWiki login errors are also a common sign of issues with sessions.
Common Tasks
Deployment
k8s
Follow the Kubernetes documentation for the sessionstore service.
Deployment-prep
Unlike production, Docker is used to deploy the session storage service in the deployment-prep environment.
In a web browser:
- Visit https://horizon.wikimedia.org
- Select the deployment-prep project
- Select Project → Compute → Instances (in the sidebar)
- Locate and select the deployment-sessionstore04 instance
- Select the Puppet Configuration tab
- Scroll to the bottom of the page, and click edit for Hiera Config (see below)
- Click "Apply Changes"
- Run
sudo run-puppet-agent
from deployment-sessionstore04
Sample Hiera Config
profile::cassandra::instances:
deployment-sessionstore02.deployment-prep.eqiad1.wikimedia.cloud: {}
profile::docker::engine::declare_service: true
profile::docker::engine::settings: {}
profile::docker::engine::version: 1.12.6-0~debian-jessie
profile::docker::runner::service_defs:
mediawiki-services-kask:
config:
base_uri: /sessions/v1
cassandra:
authentication:
password: cassandra
username: cassandra
hosts:
- deployment-sessionstore02.deployment-prep.eqiad1.wikimedia.cloud
keyspace: sessions
table: values
default_ttl: 86400
listen_address: 0.0.0.0
listen_port: 8080
openapi_spec: /go/src/gerrit.wikimedia.org/r/mediawiki/services/kask/openapi.yaml
service_name: sessions
namespace: wikimedia
override_cmd: ./kask --config /etc/mediawiki-services-kask/config.yaml
port: 8080
version: v1.0.10
mediawiki-services-config.config
are written verbatim to the container as /etc/mediawiki-services-kask/config.yaml
(the Kask configuration file)mediawiki-services-kask.version
to specify the Kask Docker image tag. Use mediawiki-services-kask.port
to assign the port Kask will listen on.