I'd like to improve my Zope/Plone setup by using Beaker and/or Memcached, and I couldn't find a coherent documentation for this topic.
So here is my writeup; I hope for comments and corrections, especially for the nonsense parts.
Sessions configuration
In the default configuration, session data is stored in the ZODB; this means, whenever someone logs in to your site, there will be data written to the end of your Data.fs
file (we ignore RelStorage here, for simplicity). This doesn't perform well, and it doesn't scale well.
Another drawback is: Whenever your object database is mounted read-only (perhaps because some long-running data conversion you'll like to complete before people apply their own changes), no logins are possible.
ZODB mountpoint
In your various parts/instance/etc/zope.conf
files, you'll likely find some section
<zodb_db temporary>
# Temporary storage database (for sessions)
<temporarystorage>
name temporary storage for sessioning
</temporarystorage>
mount-point /temp_folder
container-class Products.TemporaryFolder.TemporaryContainer
</zodb_db>
Obviously, “name temporary storage for sessioning
” is not a working configuration; furthermore, this would imply the /temp_folder
to be written to a zodb_db
as well (another one, but still); this is not what we want to achieve.
Let's try something else.
Beaker
The simplest possibility to separate the session data is to use Beaker. In the most basic case, Beaker can write session data to a directory in the file system; like the commonly used ZODB (via ZEO or RelStorage), this can be used by all clients of our Zope instance.
In the buildout script, add the Products.BeakerSessionDataManager module to your eggs value.
This requires collective.beaker and contains the “zcml slug” which is mentioned in the collective.beaker documentation; it is needed as well to make Zope/Plone use beaker-based sessions itself.
- Question: Products.BeakerSessionDataManager v1.1 requires Zope2, so it apparently won't fit Plone 5.2, which uses Zope 4+.
- Is it possible to use beaker in the same or another way with Plone 5.2+?
To have beaker how to store the session data, add some configuration to our buildout script, like described here; e.g.:
zope-conf-additional =
<product-config beaker>
session.type file
session.data_dir ${buildout:directory}/var/sessions/data
session.lock_dir ${buildout:directory}/var/sessions/lock
session.key beaker.session
session.secret secret
</product-config>
(„secret“ of course being a secret string unique to your Zope instance)
In a bash session, you might create the new directories by calling
mkdir -p var/sessions/{data,lock}
Take care them to be readable/writeable to the system user you use to run Zope.
After rebuilding and restarting your Zope instance,
- open the ZMI,
- delete the existing
session_data_manager
object in the Zope root, - and add a
Beaker Session Data Manager
instead (which will have that same idsession_data_manager
as well).
When users login, there should now data be written to the …/var/sessions/{data,lock}
directories.
You can try as well to run your instance with the ZODB mounted read-only and see whether it is still possible to login.
memcached
One step further, you could run a Memcached server to manage the session data.
It is possible and common to configure beaker to use memcached as a backend; alternatively, you can omit beaker and use the lovely.session product instead. This will in turn use lovely.memcached to talk to your memcached server.
If you don't have a memcached server already, install it; you might use your system's package manager, e.g.:
yum install memcached
If no such package is available for your system, or if it is too old, have a look at https://memcached.org/downloads, and get the source package.
- (Question: On my system, this installs memcached-1.4.15-10.el7_3.1.x86_64, which is obviously maintained, but based on version 1.4.15, released on 2012-09-03. Should I compile memcached myself to get a more current version 1.5.12? Obviously I lack some needed Perl package to make „make test“ succeed.)
(…)