Using Managed Service for Redis clusters as PHP session storage
You can use Managed Service for Redis clusters for storing PHP session data.
To configure a Managed Service for Redis cluster as PHP session storage:
- Configure PHP to use the Managed Service for Redis cluster as storage for sessions.
- Check whether PHP session data is saved to the Managed Service for Redis cluster.
If you no longer need the resources you created, delete them.
Getting started
Prepare the infrastructure
-
If you use Virtual Private Cloud security groups, configure them. Add TCP settings to the security group to allow the following:
- Incoming traffic on port
22
from any IP addresses for SSH. - Outgoing and incoming traffic on ports
80
and443
to and from any IP address for HTTP/HTTPS. - Outgoing and incoming traffic on port
6379
to and from internal network IP addresses for Redis.
For more information, see Security groups.
- Incoming traffic on port
-
Create a virtual machine with LAMP/LEMP in Yandex Compute Cloud of any suitable configuration.
When creating a VM, select the security group that you set up earlier. To check the security settings, enter the VM's public IP address in the browser address bar: the default page of the web server should be displayed.
-
Create a Managed Service for Redis cluster with any suitable configuration. When creating a Managed Service for Redis cluster, specify the same network and security groups as those of the VM hosting the web server.
-
If you do not have Terraform yet, install it.
-
Get the authentication credentials. You can add them to environment variables or specify them later in the provider configuration file.
-
Configure and initialize a provider. There is no need to create a provider configuration file manually, you can download it
. -
Place the configuration file in a separate working directory and specify the parameter values. If you did not add the authentication credentials to environment variables, specify them in the configuration file.
-
Download the configuration file for the appropriate cluster type to the same working directory:
- redis-cluster-non-sharded-and-vm-for-php.tf
: For a non-sharded cluster. - redis-cluster-sharded-and-vm-for-php.tf
: For a sharded cluster.
Each file describes:
- Network.
- Subnet.
- Default security group and rules required to connect to the cluster and VM from the internet.
- Managed Service for Redis cluster.
- Virtual machine.
- redis-cluster-non-sharded-and-vm-for-php.tf
-
Specify the following in the configuration file:
- Password to access the Managed Service for Redis cluster.
- ID of the public LAMP/LEMP image.
- Username and path to the public key file for accessing the virtual machine. By default, the specified username is ignored in the image used. A user with the
ubuntu
username is created instead. Use it to connect to the instance.
-
Make sure the Terraform configuration files are correct using this command:
terraform validate
If there are any errors in the configuration files, Terraform will point them out.
-
Create the required infrastructure:
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
All the required resources will be created in the specified folder. You can check resource availability and their settings in the management console
. -
Configure additional settings
-
Connect to the VM with the web server via SSH and configure it:
-
Install certificates:
sudo mkdir --parents /usr/local/share/ca-certificates/Yandex/ && \ sudo wget "https://storage.yandexcloud.net/cloud-certs/CA.pem" \ --output-document /usr/local/share/ca-certificates/Yandex/YandexInternalRootCA.crt
-
Prepare the environment and install the phpredis
library usingpecl
:sudo apt update && \ sudo apt install php-dev pkg-php-tools redis-tools --yes && \ sudo pecl channel-update pecl.php.net && \ sudo pecl install redis
-
Become the owner of the
/var/www/html/
directory and delete all its contents:sudo chown <username> /var/www/html/ --recursive && \ rm /var/www/html/*
-
Configure PHP to use the Managed Service for Redis cluster as storage for sessions
-
Make changes to the
php.ini
configuration file for your web server.The
php.ini
file is usually located in the following directory:/etc/php/7.2/apache2/
for Apache./etc/php/7.2/fpm/
for NGINX.
To find out the location of
php.ini
, run the commandsudo find /etc/ -name php.ini
.Note
There is no need to make any changes to
php.ini
for the PHP CLI.Non-sharded clusterSharded cluster[PHP] ... extension = redis ... [Session] session.save_handler = redis session.save_path = "tcp://<FQDN_of_Redis_master_host>:6379?auth=<password>"
[PHP] ... extension = redis ... [Session] session.save_handler = rediscluster session.save_path = "seed[]=<FQDN1>:6379&seed[]=<FQDN2>:6379&seed[]=<FQDN3>:6379&auth=<password>"
Where
<FQDN1>
,<FQDN2>
, and<FQDN3>
are fully qualified domain names of cluster master hosts. For example, for a cluster with three shards and thepassword
password, thesession.save_path
parameter value will look like this:session.save_path = "seed[]=rc1a-t9h8gxqo********.mdb.yandexcloud.net:6379&seed[]=rc1b-7qxk0h3b********.mdb.yandexcloud.net:6379&seed[]=rc1c-spy1c1i4********.mdb.yandexcloud.net:6379&auth=password"
For more information about how to connect to clusters, see Setting up a connection.
-
Restart the web server:
sudo systemctl restart apache2
for Apache.sudo systemctl restart php7.2-fpm
for NGINX.
Check whether PHP session data is saved to the Managed Service for Redis cluster
-
In the
/var/www/html/
directory, create a fileindex.php
that will output powers of2
:<?php session_start(); $count = isset($_SESSION['count']) ? $_SESSION['count'] : 1; echo $count; $_SESSION['count'] = $count * 2;
Each time the page is refreshed, the output value will increase. The
$count
variable value will be saved in the session data. A unique key will be created for each session in Redis. -
Connect to the Redis cluster from the VM via
redis-cli
:redis-cli -c -h <FQDN_of_master_host> -a <password>
Enter the following command to see what keys are stored in Redis:
KEYS *
(empty list or set)
The returned result shows that no data is currently stored in Redis.
-
Check whether user sessions are saved when connecting to the web server:
- Enter the public IP of the VM hosting the web server in the browser address bar. The first time you open the page,
1
is output. - Refresh the page several times: the output value will increase.
- Open the page from a different browser: the count will start with
1
. - Refresh the page several times: the output value will increase, too.
The fact that the value of the
$count
variable is saved between browser page updates shows that the configured PHP session storage mechanism in the Managed Service for Redis cluster works properly. - Enter the public IP of the VM hosting the web server in the browser address bar. The first time you open the page,
-
Repeat the query to view the keys stored in Redis:
KEYS *
1) "PHPREDIS_SESSION:keb02haicgi0ijeju3********" 2) "PHPREDIS_SESSION:c5r0mbe1v84pn2b5kj********"
The returned result shows that, for each session in Redis, its own key is created.
Delete the resources you created
Delete the resources you no longer need to avoid paying for them:
- Delete the Yandex Managed Service for Redis cluster.
- Delete the virtual machine.
- If you reserved public static IP addresses, release and delete them.
To delete the infrastructure created with Terraform:
-
In the terminal window, go to the directory containing the infrastructure plan.
-
Delete the configuration file (
redis-cluster-non-sharded-and-vm.tf
orredis-cluster-sharded-and-vm.tf
). -
Make sure the Terraform configuration files are correct using this command:
terraform validate
If there are any errors in the configuration files, Terraform will point them out.
-
Confirm updating the resources.
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
All the resources described in the configuration file will be deleted.
-