Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Performance comparison of using django signed cookie session over django db + cache based session?

Django 1.4 offers several ways to maintain django sessions :

My viewpoint on using :

i) cache only : Not preferable, users sessions may get purged out of memcache.

ii) Db + cache (cached_db): Preferable , simple and secure solution.

iii) Signed cookie sessions : Preferable, no database hit .

Assuming that the session data is very small i.e. no problem in storing it in cookie. Is there any performance benefit of using signed cookie over a database + memcache driven session engine ? As for N concurrent new users, there would be order of N database hits saved. This will reduce total queries that the database server has to handle per unit time.

UPDATE : We found redis or aerospike as really robust and high throughput session backends for django. We are using redis as sessions backend

like image 781
DhruvPathak Avatar asked Aug 27 '12 12:08

DhruvPathak


People also ask

Does Django use cookies?

Django uses a cookie containing a special session id to identify each browser and its associated session with the site. The actual session data is stored in the site database by default (this is more secure than storing the data in a cookie, where they are more vulnerable to malicious users).

How to handle sessions in Django?

If you want to use a database-backed session, you need to add 'django. contrib. sessions' to your INSTALLED_APPS setting. Once you have configured your installation, run manage.py migrate to install the single database table that stores session data.

How to store data in Django session?

By default, Django saves session information in database (django_session table or collection), but you can configure the engine to store information using other ways like: in file or in cache. When session is enabled, every request (first argument of any view in Django) has a session (dict) attribute.


1 Answers

You must be able to handle N concurrent queries (N - concurrent new users).

You see the difference at a very large scale only. You must be pessimist (server is down, bad buckup, amazon bancrupcy ) and your database must be able to handle all users in rush hours.

  • 10 000 000 users with cookie session will cost you 0$ extra, problems with iframes and mobiles
  • 10 000 000 users with cache session will cost you hundreds or less than hundred of dollars daily, lost sessions in case of restart
  • 10 000 000 users with cache_db session will cost you thousands of dollars daily (any persistent storage able to handle 1 000 000 hits in one time, 10% of users)

I use redis backend (periodic save to disk) with the possibility of switching to a cluster of memcached services.

http://www.icis.com/blogs/icis-chemicals-confidential/files/2011/10/19/goodcheapfast.jpg

like image 133
baklarz2048 Avatar answered Oct 16 '22 14:10

baklarz2048