Stop Using File-Based Sessions: High-Performance Scaling with Redis 2.4
It starts with a creeping sluggishness. Your load averages look fine. CPU usage is low. Yet, your Apache processes are stacking up, and users in Oslo are complaining that the checkout page is "hanging." You check top and see it: %wa. I/O Wait.
Your physical disks are thrashing. Why? Because you're still storing PHP sessions on the file system. In 2012, with traffic spikes becoming the new normal, writing session data to /var/lib/php/session is architectural suicide.
I recently debugged a Magento setup hosting a flash sale. The server had 16GB of RAM, but the checkout crawled. The culprit wasn't the database; it was the file locking mechanism on thousands of tiny session files. We moved the sessions to Redis. The load dropped from 25.0 to 0.8 instantly.
Here is how you fix this using Redis 2.4, and why the underlying virtualization technology—specifically what we use at CoolVDS—makes or breaks this setup.
Why Redis over Memcached?
For years, Memcached was the go-to. It's fast. But it's a volatile cache. If your Memcached daemon restarts, every single logged-in user gets kicked out. That is unacceptable for e-commerce.
Redis gives us persistence. It writes data to disk asynchronously. If the server reboots, Redis reloads the dataset from memory dumps (RDB) or append-only files (AOF). You get the speed of RAM with the reliability of disk.
The Architecture: PHP 5.3 + Redis 2.4
We need to stop PHP from writing to the disk and point it to a Redis instance. This assumes you are running a standard CentOS 6 or Ubuntu 10.04 LTS stack.
1. Installing Redis
Don't use the default repositories; they are often outdated. Compile stable 2.4 from source to get the latest performance fixes.
wget http://redis.googlecode.com/files/redis-2.4.7.tar.gz
tar xzf redis-2.4.7.tar.gz
cd redis-2.4.7
make
make install2. Configuring Redis for Sessions
Redis defaults are for general caching. For sessions, we need an eviction policy. We don't want Redis to crash if it runs out of RAM; we want it to delete the oldest sessions.
Edit your /etc/redis/redis.conf (or wherever you placed it):
# Snapshotting: Save to disk every 60 seconds if 1000 keys changed
save 60 1000
# Max memory limit (Adjust based on your VPS size)
maxmemory 256mb
# Eviction policy: Remove the least recently used keys first
maxmemory-policy allkeys-lru
Pro Tip: Do not set maxmemory to your full available RAM. The OS needs room to breathe, or the OOM Killer will murder your Redis process. On a 1GB CoolVDS instance, allocate 512MB to Redis.
3. Linking PHP
You need the phpredis extension. It is significantly faster than user-space libraries like Predis because it is written in C.
pecl install redis
echo "extension=redis.so" > /etc/php5/conf.d/redis.iniFinally, tell PHP to use Redis instead of files in your php.ini or pool config:
session.save_handler = redis
session.save_path = "tcp://127.0.0.1:6379"Restart Apache or PHP-FPM. You are done.
The Hardware Trap: Why "Cloud" Can Fail You
Redis is single-threaded. This is its greatest strength and its weakness. It relies heavily on fast memory access and CPU speed. It does not scale across cores for a single instance.
This is where your hosting choice becomes critical. In many "cloud" environments, providers oversell CPU cycles. You might think you have a 2.4GHz core, but