AWS Elastic Beanstalk and PHP sessions

Question

I currently have a php application in development on an AWS EC2 instance but I've decided to move it to Elastic Beanstalk to take advantage of the autoscaling functionality.

While most of the application migrated to the new Elastic Beanstalk EC2 instances flawlessly, I'm running into an issue regarding php sessions. It seems that the php session save path is unwritable, according to the following message generated by php:

 Warning: Unknown: open(/var/lib/php/5.5/session/sess_uc1dpvmoq5fikcv0q2kogker15, O_RDWR)
 failed: Permission denied (13) in Unknown on line 0 Warning: Unknown: Failed to write
 session data (files). Please verify that the current setting of session.save_path is
 correct (/var/lib/php/5.5/session) in Unknown on line 0

Is there any way around this without modifying PHP.ini or CHMODing? I would like to have my application run on the default Elastic Beanstalk EC2 instances without using custom AMIs. I would hope that such a simple use of php sessions should be allowed by default!

Answer 1

Moving your application to Elastic Beanstalk means that from now on your application will possibly run on multiple physical web server instances. (That's what you're paying for.) This means that a request with a valid session ID could be forwarded to a server which does not possess that session file on disk (you seem to be using the file-based session handler as shown in the question).

Solution A (preferred)
You need to store sessions in a shared location where they can be accessed by all of your web server instances. Amazon typically recommends DynamoDB for this, but it could also be MySQL or Redis or even the Elastic Cache provided by AWS.

Solution B (slower, unreliable, needs SSL termination at load balancer)
Configure your load balancer in a way that it uses "sticky" sessions. This means that the L.B. will unwrap HTTP(S) packets, look for the session cookie and then forward the request to the correct web server where the session lives.