I think this should work for the migration period. I think if we use this for the session TTL duration (or, let's say, 2x the TTL to be safe), we could then swap it out and just use the new storage.

I have to admit that I'm not sure how our roll-out process works, but I assume there's some period of time in which some servers use the old config, and others use the new config. So I think we should be ready for the following states:

• Old session storage (this is now)
• Mixed old session storage, migration storage (rollout period)
• Migration storage (all servers have migration config)
• Mixed migration storage, new storage (rollout period 2)
• New storage (where we want to go)

There might be some race conditions during the rollout period that we'd want to be prepared for.

• MultiWriteBagOStuff: similar, but without the read fallback

The class comment says "Reads are implemented by reading from the caches in the order they are given in the configuration until a cache gives a positive result." The code seems to match.

It has different write semantics than you ask for though, as it will write to both the new and old stores.

In T222742#5165218, @EvanProdromou wrote:

I have to admit that I'm not sure how our roll-out process works, but I assume there's some period of time in which some servers use the old config, and others use the new config.

There are three answers to that question:

• For a few seconds or minutes during the actual scap, you may have processes running with the old code/config and the new code/config at the same time. Some of that time is intentional: a few "canary" hosts are updated first, then it waits to see if error rates immediately spike on those hosts before doing the rest.
• For code changes riding the train, the wikis are divided into three groups (0, 1, and 2) which are normally deployed on Tuesday, Wednesday, and Thursday each week. Thus, different wikis will be running different code as the train rolls out.
  • Note that configuration changes (meaning the operations/mediawiki-config repository) do not ride the train.
• Configuration can vary by wiki, with these differences persisting until someone changes them manually. This is often used to roll out changes to a smaller set of wikis for live testing and performance monitoring under load before giving it to the big wikis like enwiki.

The class comment says "Reads are implemented by reading from the caches in the order they are given in the configuration until a cache gives a positive result." The code seems to match.
It has different write semantics than you ask for though, as it will write to both the new and old stores.

So, that's good! As long as it's always going to read in order, then just making the order [new, old] should work for this case...?

I have to admit that I'm not sure how our roll-out process works, but I assume there's some period of time in which some servers use the old config, and others use the new config.

• For a few seconds or minutes during the actual scap, you may have processes running with the old code/config and the new code/config at the same time. Some of that time is intentional: a few "canary" hosts are updated first, then it waits to see if error rates immediately spike on those hosts before doing the rest.

This is the rollout period I was concerned about. I estimate that we write a lot of sessions (O(10^3)? O(10^4)?) during a rollout period, so we might want to consider that.

I think the multi-write configuration makes sense in this situation.

So, it seems like the MultiWriteBagOStuff does what we need. It will be slightly inefficient, since it will do unnecessary writes to the old store, but that will probably be OK and actually be more robust during rollout period.

@BPirkle could you confirm that this class works for session storage with RESTBagOStuff as the "new" back end, and maybe Redis as the "old" backend? If that's the case, I think we can close this ticket.

I've created a ticket for doing the configuration options for RESTBagOStuff at T224993, so I'm closing this down.