Storing sessions in Memcached: The pitfalls

Some projects have a lot of web servers, and they need a Memcached server to store the non-sticky sessions. So, the users can access the web servers without any session problems.

One fine day…

Suddenly, some users face log out problems while everything is going right with your project.

You decided to analyze your code right away. Everything is ok with your code.
Most probably, Memcached deletes your users’ session data.

How so?

Let’s say; X user logged into the website and his session data has written to the Memcached server. Right after, hundreds of users logged into the website and there was no sufficient memory space in the Memcached server. The X user’s session data has deleted and that’s why the user has logged out.

Well, why Memcached deleted his session data?

For instance; You have set up 64 MB (example value) memory in the Memcached server. The all 64 MB memory space is in-use. Memcached would be applying LRU (Least Recently Used) to keys.

When Memcached applies the LRU algorithm, X user’s session will be deleted from the Memcached server’s memory.

If you don’t want to lose the sessions then you will have to store the sessions in a database that supports persistent storage.