0

We have been struggling with this problem for over 2 years now. We have an eCommerce shop that uses PHP sessions to store user baskets and other information. The problem is that after a while, the server will run out of disk inodes even if there is plenty of free space left on the server disk. Then it will crash the entire server because we can't write anything on the disk.

We brought this issue to our server management company many times but we're being answered to delete some sessions to free up inodes. The problem is that every time we do this, customers will lose their baskets.

What is the solution to fix this issue? Writing the PHP sessions to the database would require too much major code changes, and we can't increase the inode count without starting over with a different server.

We already have a cron job to delete sessions files that have not been modified in the last month, but this is not enough, and as the website keeps growing, the inodes issues are happening more frequently.

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
456543646346
  • 111
  • 5
  • You're going to have to make code changes, regardless. Storing sessions on disk is basically for very low traffic web sites only. I don't know why you think it is a "major" work, though. It should be very quick and easy. – Michael Hampton Aug 11 '19 at 17:43
  • 1
    `What is the solution to fix this issue? Writing the PHP sessions to the database would require too much major code changes, and we can't increase the inode count without starting over with a different server.` - It seems that you've identified at least two solutions but are avoiding them because it would be "too hard". Sometimes the right solution is hard. Don't take the lazy way. Do what needs to be done, in the right way, and fix it. – joeqwerty Aug 11 '19 at 17:48
  • It's not about being lazy or not. Starting over with a new server means that everybody will lose their baskets and that's exactly what we're trying to avoid. Writing the PHP sessions to DB isn't always possible when you use a third party app, unless somebody has something to suggest which could replace the default built-in PHP sessions functions. That's the suggestions I was hoping when I came here. – 456543646346 Aug 11 '19 at 18:06
  • I'm voting to close this question as off-topic because if the right answer is too hard, we can't help you. – womble Mar 30 '20 at 02:07

3 Answers3

3

From a systems perspective, on real hardware, the solution is to create a new file system with a different inode_ratio or even a new FS type that is designed around massive amounts of small files. Your hosting provider may or may not provide this functionality if your are cloud based vs. colocated HW or "dedicated" VPSes. SEE EDIT BELOW

If you can change the code to the shopping system, you should store carts for logged in users in a database, and let the session expire as normal and have the old session files cleaned up. Sessions should have relatively short lives, and session files should be cleaned up/deleted for old inactive sessions on a regular basis.

Storing info in the DB has lots of advantages - both technological (easier to split webserver load across a CDN) and business purposes ("hey, you've had this item in your wish list for a while and it is almost out of stock - buy now!" emails have gotten me to open my wallet more than once) and this is the direction I would head. But at the very least start deleting old expired session files....

Edit to add -

One hacky way of getting a new FS would be to create a sparse file of appropriate size, format it with the file system of choice, and mount it on a loop back setup. Of course, you'll need sufficient space, etc. to do this....

ivanivan
  • 1,488
  • 7
  • 6
  • Agreed on the loopback mount. Long-term, use of ZFS will prevent the system from even running out of inodes. – Jim L. Aug 12 '19 at 22:44
1

Zebra Session acts as a wrapper for PHP's default session handling functions, but instead of storing session data in flat files it stores them in a MySQL database, providing better security and better performance

it is a drop-in and seamingless replacement for PHP's default session handler: PHP sessions will be used in the same way as prior to using the library; you don't need to change any existing code!

https://github.com/stefangabos/Zebra_Session

Exactly what I was looking for.

Another solution: https://stackoverflow.com/questions/36753513/how-do-i-save-php-session-data-to-a-database-instead-of-in-the-file-system

456543646346
  • 111
  • 5
  • Awesome. But people looking for software recommendations should probably go to http://softwarerecs.stackexchange.com and not serverfault... – ivanivan Aug 12 '19 at 23:04
0

It should be possible to migrate the PHP session files to a new server.

This assumes it's worth the effort of moving to a new server which has the resources (inodes) that can cope with the anticipated growth in traffic for an acceptable length of time.

The session files are stored in the session.save_path setting in php.ini.

suspectus
  • 658
  • 1
  • 5
  • 11