Page MenuHomePhabricator
Create Task
Maniphest T224995

Document that session TTL mismatch between Kask and MediaWiki (or other applications) will be silently ignored
Closed, ResolvedPublic
Actions

Description

Per T222907, we've decided that Kask will not use per-request TTLs, nor will it warn if the client tries to set per-request TTLs.

We will not put in complicated error-handling or logging code to check for mismatches between Kask's and MediaWiki's session-expiry times. We will assume that well-informed humans will not set those two values to wildly disparate values.

This should be made explicit with a warning comment in at least two places:

  • config.yaml.sample
  • the production config.yaml for WMF (I'm not sure where this lives)

Suggested warning text suggestion:

WARNING: a mismatch between default_ttl and your application's session timeout value might cause subtle problems in your application. Make sure that they are the same (in MediaWiki, the configuration option is $wgObjectCacheSessionExpiry).

Related Objects
Search...

Event Timeline

EvanProdromou created this task.Jun 4 2019, 2:52 PM
EvanProdromou mentioned this in T222907: Determine if per-request TTLs are needed.Jun 4 2019, 2:56 PM
Eevans added a comment.Jun 4 2019, 3:36 PM

I'm not sure config.yaml.sample is a good place. There isn't anything MediaWiki/Session storage-specific about Kask, and this warning is (specific). It'd be confusing in every other context.

Eevans added a comment.Jun 4 2019, 4:08 PM

In the short-term, production configuration lives in deploy1001:/srv/scap-helm/sessionstore/sessionstore-{codfw,eqiad,staging}-values.yaml. I've updated each of these files with the following comment.

# WARNING: The value of $wgObjectCacheSessionExpiry in MediaWiki must
# correspond to the TTL defined here; If you alter default_ttl, update
# MediaWiki accordingly or problems with session renewal/expiry may occur.
default_ttl: 86400

Longer-term, these files will be version-controlled as part of operations/deployment-charts repository (and will be initialized from the above files).

Eevans triaged this task as Medium priority.Jun 4 2019, 4:09 PM
Eevans added a project: User-Eevans.
Eevans added a comment.Jun 11 2019, 6:05 PM
In T224995#5234039, @Eevans wrote:

In the short-term, production configuration lives in deploy1001:/srv/scap-helm/sessionstore/sessionstore-{codfw,eqiad,staging}-values.yaml. I've updated each of these files with the following comment.

# WARNING: The value of $wgObjectCacheSessionExpiry in MediaWiki must
# correspond to the TTL defined here; If you alter default_ttl, update
# MediaWiki accordingly or problems with session renewal/expiry may occur.
default_ttl: 86400

Longer-term, these files will be version-controlled as part of operations/deployment-charts repository (and will be initialized from the above files).

FYI; Just leaving this ticket open to followup later and ensure that these comments make into the Git repository.

Eevans moved this task from Backlog to Blocked on the User-Eevans board.Jun 11 2019, 6:05 PM
CCicalese_WMF removed a project: Platform Team Legacy (Next).Jul 14 2019, 3:45 PM
WDoranWMF moved this task from Multi-DC (TEC1) to mop on the Platform Engineering board.Jul 26 2019, 6:47 PM
WDoranWMF edited projects, added Platform Team Initiatives (Multi-DC (TEC1)); removed Platform Engineering (Multi-DC (TEC1)).
EvanProdromou added a project: Platform Team Workboards (Green).Jul 30 2019, 5:00 PM
WDoranWMF moved this task from Backlog to Ready to Deploy on the Platform Team Workboards (Green) board.Aug 2 2019, 4:52 PM
Eevans moved this task from Ready to Deploy to Done on the Platform Team Workboards (Green) board.Aug 28 2019, 6:44 PM
In T224995#5250739, @Eevans wrote:
In T224995#5234039, @Eevans wrote:

In the short-term, production configuration lives in deploy1001:/srv/scap-helm/sessionstore/sessionstore-{codfw,eqiad,staging}-values.yaml. I've updated each of these files with the following comment.

# WARNING: The value of $wgObjectCacheSessionExpiry in MediaWiki must
# correspond to the TTL defined here; If you alter default_ttl, update
# MediaWiki accordingly or problems with session renewal/expiry may occur.
default_ttl: 86400

Longer-term, these files will be version-controlled as part of operations/deployment-charts repository (and will be initialized from the above files).

FYI; Just leaving this ticket open to followup later and ensure that these comments make into the Git repository.

These comments have landed in the deployment-charts repo; This is done

Eevans removed a project: User-Eevans.Aug 28 2019, 6:45 PM
eprodromou closed this task as Resolved.Mar 11 2020, 6:39 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL