Is your hard drive the bottleneck? Probably.

I looked at a client's top output yesterday. Their load average was 15.0 on a dual-core box. The CPU wasn't the problem—it was 98% idle. The killer was %wa (iowait). They were running a standard Magento installation for a Norwegian retail campaign, and every single visitor created a session file on the disk.

When you hit 500 concurrent users, the disk heads physically cannot move fast enough to write those session files in /var/lib/php/session. The result? A site that hangs, despite having plenty of RAM.

The solution in 2011 isn't faster spinning disks. It's moving session data to where it belongs: RAM. While Memcached has been the standard for years, today we are looking at Redis.

Why Redis over Memcached?

I hear this argument constantly on IRC. "Memcached is faster." Maybe, by a microsecond. But here is the reality for production environments:

• Persistence: If your Memcached daemon crashes or the server reboots, everyone gets logged out. Shopping carts vanish. Users get angry. Redis writes to disk asynchronously (RDB/AOF), so you can reboot the server and keep the sessions alive.
• Data Structures: Redis understands lists and hashes. It's not just a dumb key-value store.

The Setup: Debian Squeeze (6.0)

Let's assume you are running a standard LAMP stack. We need to install the Redis daemon and the PHP extension.

1. Install Redis

The repository version in Squeeze is a bit old. For serious production, I recommend compiling the latest stable branch (2.2.x) or using Dotdeb.

# Add Dotdeb to sources.list
echo "deb http://packages.dotdeb.org squeeze all" >> /etc/apt/sources.list
wget -q -O - http://www.dotdeb.org/dotdeb.gpg | apt-key add -
apt-get update
apt-get install redis-server

2. Install the PHP Extension (phpredis)

Don't use the pure PHP implementations; they are too slow. Use the C extension via PECL.

pecl install redis

Add the extension to your PHP config:

echo "extension=redis.so" > /etc/php5/conf.d/redis.ini
/etc/init.d/apache2 restart

Configuration: The Magic Switch

Now, tell PHP to stop writing files and start talking to the Redis port (6379).

Edit your php.ini or your specific VirtualHost configuration:

; old setup
; session.save_handler = files
; session.save_path = "/var/lib/php/session"

; new hotness
session.save_handler = redis
session.save_path = "tcp://127.0.0.1:6379"

If you have security concerns—and you should—you can configure Redis to listen on a Unix socket instead of a TCP port, which avoids the TCP overhead entirely. Just make sure the permissions on the socket allow the www-data user to read/write.

The "Neighbor" Problem

Here is the catch. Redis lives in RAM. If you are hosting on a cheap, oversold VPS where the provider uses OpenVZ and ballooning to overcommit memory, your Redis instance might get killed by the OOM (Out Of Memory) killer when the physical node gets busy.

This is where architecture matters. At CoolVDS, we use Xen and KVM virtualization. When you buy 2GB of RAM, that memory is hard-allocated to your kernel. We don't oversell. If you want to run Redis for sessions, you need that guarantee.

Local Latency and Data Privacy

For those of us operating out of Oslo or managing data for Norwegian clients, latency to the US or even Germany adds up. Every database call, every session read adds 30-100ms if your server is abroad.

Furthermore, under the Personopplysningsloven (Personal Data Act), you are responsible for where user data lives. Sessions often contain PII (Personally Identifiable Information). Keeping that data inside Norway, on servers physically located in Oslo peering directly at NIX (Norwegian Internet Exchange), is the safest bet for compliance and speed.

Performance Tuning Tip

Pro Tip: In your redis.conf, check the maxmemory-policy. For sessions, set it to volatile-lru. This ensures that if you do run out of RAM, Redis will evict the old sessions with an expiration date first, rather than crashing or rejecting writes.

Conclusion

Stop abusing your hard drives with session files. It scales poorly and increases load averages unnecessarily. Redis is stable, persistent, and supported by modern frameworks.

If you need a testing ground, spin up a Debian instance on CoolVDS. Our SSD-cached storage arrays and guaranteed RAM provide the perfect environment for high-throughput Redis deployments. You can ping our test IP to see the latency difference from your office in Oslo.