ApsaraDB for Memcache:Cache PHP session variables

Background

When building websites using PHP, users often store some information in the $_SESSION global variable, which allows for convenient access and storage. The PHP ini configuration file provides [Session]-related configurations, which support storing information in files or Memcached servers. This is determined by the configuration item session.save_handler = memcached. In most scenarios, this session data does not need to be persistent. To improve website performance, session information is often cached in Memcached.

Problem

ApsaraDB for Memcache and self-built Memcached both implement the standard Memcached protocol. Users, aiming to reduce server memory usage and minimize maintenance of Memcached, want to migrate session storage from self-built Memcached to ApsaraDB for Memcache without modifying the code. However, issues arise during the migration process. This article aims to help users address these issues.

The most significant difference between ApsaraDB for Memcache and self-built Memcached is "account and password authentication":

• ApsaraDB for Memcache: Provides distributed cluster services with load balancing and no single point of failure. Users can dynamically and elastically adjust configurations without restarting the service. Since it is an external service, it includes corresponding security mechanisms such as whitelists, throttling, and account and password authentication.

• Self-built Memcached: Most users do not configure account and password authentication for self-built Memcached. Compared to ApsaraDB for Memcache, it lacks the SASL authentication process. Therefore, when users migrate session storage from self-built Memcached to ApsaraDB for Memcache, they need to configure account and password information in php.ini.

Solution

1. Older versions of the PHP Memcached extension do not support this functionality. You need to upgrade the PHP Memcached extension to version 2.2.0. Example code is as follows:

    wget http://pecl.php.net/get/memcached-2.2.0.tgz
    tar  zxvf  memcached-2.2.0.tgz
   
    cd memcached-2.2.0
   
    phpize
   
    ./configure --with-libmemcached-dir=/usr/local/libmemcached --enable-memcached-sasl
   
    make
   
    make install

2. Locate the newly upgraded memcached.so file and use the stat command to confirm whether it has been updated (pay attention to the modify time).

3. Modify the php.ini configuration.

   1. Session section: Locate the [Session] section and modify the storage engine as follows:

      session.save_handler = memcached** (note that this is the extension with "d") **

      Modify the storage address, which is the Memcache access address, as follows:

      session.save_path = "be6b6b8221cc11e4.m.cnhzalicm10pub001.ocs.aliyuncs.com:11211" (note that for the extension with "d", you do not need to add tcp:// at the beginning, but for the extension without "d", you do)

      Modify the key expiration time for caching in Memcached:

      session.gc_maxlifetime = 1440 (unit: seconds. It is strongly recommended to set a reasonable time to ensure that OCS always caches only hot spot data)

   2. Memcached section: In the global section of php.ini, create a separate section [memcached] and add the following configuration in a blank area:

      [memcached]
      memcached.use_sasl = On
      memcached.sess_binary = On
      memcached.sess_sasl_username = "your_ocs_name"
      memcached.sess_sasl_password = "your_ocs_password"
      memcached.sess_locking = Off

The installation steps are complete. For additional useful parameters in the Memcached and Session sections, refer to the following links:

http://php.net/manual/en/memcached.configuration.php

http://php.net/manual/en/session.configuration.php

Next, test whether the configuration is effective.

Testing

Write the following test code in session.php:

<?php
session_start();
$sn = session_id();
echo "session id:".$sn."\n";
$_SESSION["ocs_key"]="session_value";
echo "session:".$_SESSION["ocs_key"]."\n";
?>

The output is as follows:

session id:ttrct9coa2q62r2sodlq4qf376

session:session_value

Use the following test code in get.php to retrieve the session data written by session.php from Memcache:

<?php
$memc = new Memcached();
$memc->setOption(Memcached::OPT_COMPRESSION, false);
$memc->setOption(Memcached::OPT_BINARY_PROTOCOL, true);
$memc->addServer("be6b6b8221cc11e4.m.cnhzalicm10pub001.ocs.aliyuncs.com", 11211);
$memc->setSaslAuthData("your_ocs_name", "your_ocs_password");
echo $memc->get("memc.sess.key.ttrct9coa2q62r2sodlq4qf376");
/* Note that the key has a prefix, which is determined by the memcached.sess_prefix field in php.ini. The default value is "memc.sess.key.". Then concatenate the session ID "ttrct9coa2q62r2sodlq4qf376" printed above. */
?>

The output of this code is as follows:

ocs_key|s:13:"session_value";

This indicates that the PHP SESSION has been successfully written to Memcache.