Page MenuHomePhabricator

Document that session TTL mismatch between Kask and MediaWiki (or other applications) will be silently ignored
Open, NormalPublic

Description

Per T222907, we've decided that Kask will not use per-request TTLs, nor will it warn if the client tries to set per-request TTLs.

We will not put in complicated error-handling or logging code to check for mismatches between Kask's and MediaWiki's session-expiry times. We will assume that well-informed humans will not set those two values to wildly disparate values.

This should be made explicit with a warning comment in at least two places:

  • config.yaml.sample
  • the production config.yaml for WMF (I'm not sure where this lives)

Suggested warning text suggestion:

WARNING: a mismatch between default_ttl and your application's session timeout value might cause subtle problems in your application. Make sure that they are the same (in MediaWiki, the configuration option is $wgObjectCacheSessionExpiry).

Event Timeline

Eevans added a comment.Jun 4 2019, 3:36 PM

I'm not sure config.yaml.sample is a good place. There isn't anything MediaWiki/Session storage-specific about Kask, and this warning is (specific). It'd be confusing in every other context.

Eevans added a comment.Jun 4 2019, 4:08 PM

In the short-term, production configuration lives in deploy1001:/srv/scap-helm/sessionstore/sessionstore-{codfw,eqiad,staging}-values.yaml. I've updated each of these files with the following comment.

# WARNING: The value of $wgObjectCacheSessionExpiry in MediaWiki must
# correspond to the TTL defined here; If you alter default_ttl, update
# MediaWiki accordingly or problems with session renewal/expiry may occur.
default_ttl: 86400

Longer-term, these files will be version-controlled as part of operations/deployment-charts repository (and will be initialized from the above files).

Eevans triaged this task as Normal priority.Jun 4 2019, 4:09 PM
Eevans added a project: User-Eevans.

In the short-term, production configuration lives in deploy1001:/srv/scap-helm/sessionstore/sessionstore-{codfw,eqiad,staging}-values.yaml. I've updated each of these files with the following comment.

# WARNING: The value of $wgObjectCacheSessionExpiry in MediaWiki must
# correspond to the TTL defined here; If you alter default_ttl, update
# MediaWiki accordingly or problems with session renewal/expiry may occur.
default_ttl: 86400

Longer-term, these files will be version-controlled as part of operations/deployment-charts repository (and will be initialized from the above files).

FYI; Just leaving this ticket open to followup later and ensure that these comments make into the Git repository.

Eevans moved this task from Backlog to Blocked on the User-Eevans board.Jun 11 2019, 6:05 PM