Skip to content

Add ClusterSessions for redis sessions migration

Marco Gregoriusrequested to merge
mg-migrate-sessions-to-redis-cluster into master

What does this MR do and why?

This MR adds a new Redis class ClusterSessions which is going to be the new Redis Cluster store for the existing Sessions Redis store. Migration is done by wrapping the Sessions class with Multistore, which handles dual writes to both stores via FF toggles.

This is the 3rd MR in the series of MR in gitlab-com/gl-infra/data-access/durability/team#35 (closed).

FF warning

BIG WARNING: Ensure use_primary_store_as_default_for_sessions FF is disabled (currently enabled from seemingly previous migration), otherwise traffic would start going into Redis SharedState (like what happened in gitlab-com/gl-infra/production#19028 (closed)).

FF state as per 2024-01-21 06:36

image

References

Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

Before After

How to set up and validate locally

  1. Setup Redis Cluster https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/redis_cluster.md

  2. Configure cluster_sessions to use the Redis Cluster in config/redis.yml:

    development:
  cluster_sessions:
    cluster:
      - redis://localhost:6001

  3. Enable dual write FF use_primary_and_secondary_stores_for_sessions

  4. Monitor Redis Cluster commands by opening 3 terminal sessions and run redis-cli -p 6000 monitor , redis-cli -p 6001 monitor , redis-cli -p 6002 monitor

  5. Visit GitLab, login

  6. You should see some set , setex and setadd in the monitored Redis Cluster, eg:

    1737368969.459424 [0 127.0.0.1:55015] "setex" "session:user:gitlab::v2:1:2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0" "604800" "v2:{\"ip_address\":\"127.0.0.1\",\"browser\":\"Chrome\",\"os\":\"Mac\",\"device_name\":null,\"device_type\":\"desktop\",\"created_at\":\"2025-01-17T12:07:14.057Z\",\"updated_at\":\"2025-01-20T10:29:29.456Z\",\"session_private_id\":\"2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0\",\"is_impersonated\":false,\"admin_mode\":false}"
1737368969.459475 [0 127.0.0.1:55015] "sadd" "session:lookup:user:gitlab:1" "2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0"
1737368969.978883 [0 127.0.0.1:59891] "setex" "session:user:gitlab::v2:1:2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0" "604800" "v2:{\"ip_address\":\"127.0.0.1\",\"browser\":\"Chrome\",\"os\":\"Mac\",\"device_name\":null,\"device_type\":\"desktop\",\"created_at\":\"2025-01-17T12:07:14.057Z\",\"updated_at\":\"2025-01-20T10:29:29.959Z\",\"session_private_id\":\"2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0\",\"is_impersonated\":false,\"admin_mode\":false}"
1737368969.978923 [0 127.0.0.1:59891] "sadd" "session:lookup:user:gitlab:1" "2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0"
1737368972.862414 [0 127.0.0.1:55015] "setex" "session:user:gitlab::v2:1:2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0" "604800" "v2:{\"ip_address\":\"127.0.0.1\",\"browser\":\"Chrome\",\"os\":\"Mac\",\"device_name\":null,\"device_type\":\"desktop\",\"created_at\":\"2025-01-17T12:07:14.057Z\",\"updated_at\":\"2025-01-20T10:29:32.860Z\",\"session_private_id\":\"2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0\",\"is_impersonated\":false,\"admin_mode\":false}"
1737368972.862454 [0 127.0.0.1:55015] "sadd" "session:lookup:user:gitlab:1" "2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0"

1737368972.882436 [0 127.0.0.1:55020] "set" "session:gitlab:2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0" "\x04\bo: ActiveSupport::Cache::Entry\t:\x0b@value{\x0cI\"\x1alast_authn_request_id\x06:\x06ETI\"*_8450f672-bfe8-46c2-955e-e240fd521f50\x06;\aTI\"\rsaml_uid\x06;\aTI\"\x062\x06;\aTI\"\x17saml_session_index\x06;\aTI\"0_d1f49a4d232ec1da0c98a0fe4f881feeefebaa22af\x06;\aTI\"\x19warden.user.user.key\x06;\aT[\a[\x06i\x06I\"\"$2a$10$y7/L42WUBppyY8sKToazCu\x06;\aTI\" ask_for_usage_stats_consent\x06;\aFFI\"\x10_csrf_token\x06;\aFI\"06-CSnU1p6xMg4KPBR9_Pcn60cL25vmwj45XPR5fzXMU\x06;\aFI\"\x17redirect_return_to\x06;\aTI\"\r/twitter\x06;\aT:\r@version0:\x10@created_atf\x060:\x10@expires_inf\x171737973772.8784032" "PX" "604800000"

  7. Redis Cluster should have some data now

    ❯ redis-cli -p 6000 keys '*'
(empty array)
❯ redis-cli -p 6001 keys '*'
1) "session:user:gitlab::v2:1:2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0"
2) "session:lookup:user:gitlab:1"
❯ redis-cli -p 6002 keys '*'
1) "session:gitlab:2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0"

  8. Switch over read by enabling FF use_primary_store_as_default_for_sessions

  9. You should still be logged in.

  10. One of the Redis port should receive a get command now

    1737368325.929292 [0 127.0.0.1:55020] "get" "session:gitlab:2::f3a107b4f25e381a57ba463357f92b7338d1d126efb5d33a56445434d258a4c0"
Edited by Marco Gregorius

Merge request reports