My company has a customer-facing web application distributed across several servers for the purpose of load balancing and fault tolerance. The application is written in Ruby (Rack, running under Passenger), and authentication to the application is handled via HTTP session cookies.
We currently use a SQL database to store the session data (replicating it as part of our standard database replication); however, this solution is not ideal, as our SQL database is Postgres and does not support multi-master operations (during a maintenance outage on the master database, logged-in users can check their sessions against a slave, but new users cannot log in). The overhead of SQL queries for every page hit is also not optimal.
I would like to know what practical solutions folks are currently using in production.
Ideally we're looking for:
A shared session store: Users logged in to Server A should be able to transparently move to Server B without having to log back in.
Good redundancy: Losing a single server shouldn't lose any session state.
Low overhead: At a minimum "less intensive than a SQL query for each page hit".
So far the most promising solution we've found is rack-session-mongo. This, combined with MongoDB replication, should meet both the shared session store and redundancy/failover requirements.
We're beginning testing to see if it meets the "low overhead" requirement, but it seems promising in that regard as well.