Performance Engineering: Caching sessions, common pitfalls, effects on performance, and Scalability limitations.

Have always been dealing with sessions and accept cookies to handle session. Let's uncover it and understand it's performance impact.

What is an HTTP session ?

HTTP is stateless protocol. Right.

So , Question 1: how could we maintain information regarding user session ?

Before we answer this, Why do we even need to have session created and it's information persist ??

You open amazon or any eCommerce website , what you usually do:

1. Search or navigate few products
2. Add a few of them to the cart
3. Now, if you close the page , all your efforts goes to waste as all the selected products are lost from the cart.
4. That's where session info becomes important - i) to serve user better ii) provide personalised recommendation based on user/session activity.

Once a user connects to your application a session is created.

Session is a technique to retain state over a stateless nature of HTTP protocol.        

Example of HTTP session details from chrome:

HTTP session details can be viewed via chrome(your browser), for chrome follow these steps:

1. Open chrome dev tools : Ctrl+Shift+I
2. Go to Applications Tab
3. On left hand side, you can see Storage, session storage and cookies below that for the current website
4. Click, session ID cookies to view session ID or any other cookie to view other information.

How is session details handled on server side

This session id is sent along with request to the server which is used to extract and respond with session specific data.

Based on user base , there could be millions of active session at a time. To handle and store the session various ways are:

1. FIle system storage
2. In- memory store
3. Key-value based data store
4. Database like mysql

Session caching anti-pattern

It's very tempting to store and cache every user related details. This leads to misuse and bloating of session storage and caches with unnecessary data too.

Few of the session caching anti-patterns are:

1. Session bloating: Caching unnecessary items as well. For example: common artifcats which can be shared across sessions and users should not be cached in session.
2. No Caching: Not using session to cache anything resulting in more request to server and increased server load as well latency.
3. No Expiration: Not expiring session details even after session expiration.

Performance impact:

Session caching is technique to boost performance and user management but above anit-patterns or more leads to performance degradation:

1. Latency degradation: Both not using caching as well excessive session bloating leads to increase in latency
2. Over Resource saturation: More storage , memory as well as CPU cycles are required in case of anti-patterns
3. Scalability bottlenecks: More servers are needed as session storage per session increases for same user base.

More user traffic can be handled with effective session handling and caching implementation.

Next step:

Perform activity with low and high session storage.