session storage across rewrites

david.birdsong · 2015-02-11T11:15:11+00:00

Hello! On Wed, Feb 11, 2015 at 11:42 PM, li...@die-jansens.de wrote: > > So I take it that I currently can't do that. What I'm wondering about is &gt...

session storage across rewrites

david.birdsong

Just wanted to double check my understanding about ctx. A new ctx is created after any rewrites, correct?

What's the best way to store data across rewrites? I have a session ID I could use to key into my own module-level table, but I'd be concerned about that table gets cleaned up properly by me and my code. I expect that log_by_lua is probably the best phase handler to do the cleanup?

Is there something more appropriate?

agentzh

Hello!

On Tue, Feb 10, 2015 at 7:15 PM, David Birdsong wrote:
> Just wanted to double check my understanding about ctx. A new ctx is created
> after any rewrites, correct?
>

ngx.ctx and ngx_lua's own ctx data (as well as any other nginx C
mdoule's own ctx data) get flushed by design in the nginx core upon
internal redirects. The only exception is the internal redirect
initiated by the standard "rewrite" directive and ngx_lua's
counterpart (ngx.req.set_uri + rewrite_by_lua*).

This is nginx's design decision and it does make sense because
internal redirects are like the "exec" command in shell. The previous
location's state should not have any chance to "pollute" and confuse
the new location jumped into. It's about avoiding bad side-effects.

> What's the best way to store data across rewrites?

No, this is explicitly prohibited by nginx core's design. You can use
dirty hacks to work-around this limitation, like temporarily padding
your own state data to the current request URI or querystring, but
that's evil and dirty.

> I have a session ID I
> could use to key into my own module-level table, but I'd be concerned about
> that table gets cleaned up properly by me and my code. I expect that
> log_by_lua is probably the best phase handler to do the cleanup?
>

I suggest you always construct the session ID upon a rewrite or access
phase handler, no matter it is the original location matched or a new
location jumped to.

Regards,
-agentzh

david.birdsong

On Wed Feb 11 2015 at 12:33:27 PM Yichun Zhang (agentzh) <age...@gmail.com> wrote:

Hello!

On Tue, Feb 10, 2015 at 7:15 PM, David Birdsong wrote:
> Just wanted to double check my understanding about ctx. A new ctx is created
> after any rewrites, correct?
>

ngx.ctx and ngx_lua's own ctx data (as well as any other nginx C
mdoule's own ctx data) get flushed by design in the nginx core upon
internal redirects. The only exception is the internal redirect
initiated by the standard "rewrite" directive and ngx_lua's
counterpart (ngx.req.set_uri + rewrite_by_lua*).

Oh interesting.

So If I set

ngx.ctx.f = {foo='bar'}

ngx.req_set_uri('/newlocation', tru)

in rewrite_by_lua

will ngx.ctx.f be nil in '/newlocation' or will it have the value of that table?

This is nginx's design decision and it does make sense because
internal redirects are like the "exec" command in shell. The previous
location's state should not have any chance to "pollute" and confuse
the new location jumped into. It's about avoiding bad side-effects.

I totally get that, but there are data whose lookups costs I'd like to pay only once and that data remain pertinent throughout the request on any given connection. In my case, rewrites exist to get out of error_page locations which then get to try other backends given the data that was stored at the beginning of the request allows a particular request to continue.

> What's the best way to store data across rewrites?

No, this is explicitly prohibited by nginx core's design. You can use
dirty hacks to work-around this limitation, like temporarily padding
your own state data to the current request URI or querystring, but
that's evil and dirty.

Agreed, although admittedly the session ID which we pass back and forth in headers is not that different from data stored in querystring or URI.

> I have a session ID I
> could use to key into my own module-level table, but I'd be concerned about
> that table gets cleaned up properly by me and my code. I expect that
> log_by_lua is probably the best phase handler to do the cleanup?
>

I suggest you always construct the session ID upon a rewrite or access
phase handler, no matter it is the original location matched or a new
location jumped to.

Session ID's are created at a higher layer in my stack and get passed back and forth in headers. I was simply providing it as an example piece of data that could be used to key into a module level table that I would initialize and maintain.

Regards,
-agentzh.

agentzh

Hello!

On Wed, Feb 11, 2015 at 2:58 PM, David Birdsong wrote:
> So If I set
>  ngx.ctx.f = {foo='bar'}
> ngx.req_set_uri('/newlocation', tru)
> in rewrite_by_lua
> will ngx.ctx.f be nil in '/newlocation' or will it have the value of that
> table?
>

Not really. Even though the nginx core does not clear the C modules'
ctx on the C land, ngx_lua explicitly clears its own ctx data for
consistency with other (more normal) internal redirects.

> I totally get that, but there are data whose lookups costs I'd like to pay
> only once and that data remain pertinent throughout the request on any given
> connection. In my case, rewrites exist to get out of error_page locations
> which then get to try other backends given the data that was stored at the
> beginning of the request allows a particular request to continue.
>

Better avoid doing any complicated things after error_page is
triggered. It is known to cause bad issues in some cases (well, issues
in the nginx core, having nothing to do with ngx_lua though). Try
redesigning your request handling flow.

Basically one should never do any heavy-lifting before jumping to the
final location doing the real work.

> Agreed, although admittedly the session ID which we pass back and forth in
> headers is not that different from data stored in querystring or URI.
>

Abusing headers is a valid hack for this as well. Having said that,
it's hard to maintain and should be eliminated if possible.

> Session ID's are created at a higher layer in my stack and get passed back
> and forth in headers. I was simply providing it as an example piece of data
> that could be used to key into a module level table that I would initialize
> and maintain.
>

Though it's an undocumented feature, you can use the Lua global
variable __ngx_req to identify the current request, no matter how many
times internal redirects happen in the request's lifetime. Mind you,
it is a lightuserdata pointing to the underlying ngx_http_request_t
struct. Well, it's just another hack :)

Regards,
-agentzh

agentzh

Hello!

On Wed, Feb 11, 2015 at 3:20 PM, Yichun Zhang (agentzh) wrote:
> Though it's an undocumented feature, you can use the Lua global
> variable __ngx_req to identify the current request, no matter how many
> times internal redirects happen in the request's lifetime. Mind you,
> it is a lightuserdata pointing to the underlying ngx_http_request_t
> struct. Well, it's just another hack :)
>

Oh I forgot to mention that nginx variables do survive across internal
redirects. You can use that to do the trick. Consider the following
(naive) example:

    location = /t {
        set $a 3;
        echo_exec /t2;
    }

    location = /t2 {
        content_by_lua '
            ngx.say("a = ", ngx.var.a)
        ';
    }

where the internal redirect is initiated in location = /t via echo_exec to /t2.

Accessing /t gives:

    a = 3

Regards,
-agentzh

david.birdsong

On Wed Feb 11 2015 at 3:24:33 PM Yichun Zhang (agentzh) <age...@gmail.com> wrote:

Hello!

On Wed, Feb 11, 2015 at 3:20 PM, Yichun Zhang (agentzh) wrote:
> Though it's an undocumented feature, you can use the Lua global
> variable __ngx_req to identify the current request, no matter how many
> times internal redirects happen in the request's lifetime. Mind you,
> it is a lightuserdata pointing to the underlying ngx_http_request_t
> struct. Well, it's just another hack :)

ooh, this is very tempting, but is it a terrible idea?

local m = getmetatable(__ngx_req)

m.userdata = <mystuff>

>

Oh I forgot to mention that nginx variables do survive across internal
redirects. You can use that to do the trick. Consider the following
(naive) example:

location = /t {
set $a 3;
echo_exec /t2;
}

location = /t2 {
content_by_lua '
ngx.say("a = ", ngx.var.a)
';
}

where the internal redirect is initiated in location = /t via echo_exec to /t2.

thanks for pointing this out. i've run into this anecdotally and wasn't sure what was going on. glad to see it's expected.

i've never tried storing anything other than strings in ngx vars since the docs say there's a high cost in accessing nginx variables.

Accessing /t gives:

a = 3

Regards,
-agentzh.

agentzh

Hello!

On Wed, Feb 11, 2015 at 4:05 PM, David Birdsong wrote:
>
> ooh, this is very tempting, but is it a terrible idea?
> local m = getmetatable(__ngx_req)
> m.userdata = <mystuff>
>

I don't think lightuserdata in Lua supports metatables. They are
unlike userdata objects, which are GC objects.

You should only use the literal (pointer) value of __ngx_req.

> thanks for pointing this out. i've run into this anecdotally and wasn't sure
> what was going on. glad to see it's expected.
>
> i've never tried storing anything other than strings in ngx vars since the
> docs say there's a high cost in accessing nginx variables.
>

Yes, nginx variables can only hold string values by the nginx core's
design. If you need to put complicated Lua data structures into them,
you need (expensive) serialization and de-serialization.

Regards,
-agentzh

david.birdsong

On Wed Feb 11 2015 at 4:12:20 PM Yichun Zhang (agentzh) <age...@gmail.com> wrote:

Hello!

On Wed, Feb 11, 2015 at 4:05 PM, David Birdsong wrote:
>
> ooh, this is very tempting, but is it a terrible idea?
> local m = getmetatable(__ngx_req)
> m.userdata = <mystuff>
>

I don't think lightuserdata in Lua supports metatables. They are
unlike userdata objects, which are GC objects.

You should only use the literal (pointer) value of __ngx_req.

Just in testing I found that I could assign to the returned table, ie this worked:

local m = getmetatable(__ngx_req)

m.userdata = {}

and later after a rewrite I could access that same table.

but I get that just because I can do it, doesn't mean I should.

> thanks for pointing this out. i've run into this anecdotally and wasn't sure
> what was going on. glad to see it's expected.
>
> i've never tried storing anything other than strings in ngx vars since the
> docs say there's a high cost in accessing nginx variables.
>

Yes, nginx variables can only hold string values by the nginx core's
design. If you need to put complicated Lua data structures into them,
you need (expensive) serialization and de-serialization.

Unless you have a warning against it. I think what I've learned is closest to what I want is a module level table and I can key off of '__ngx_req'. Any exit points I'll add a log_by_lua handler to remove that key from the module table.

This has the added benefit of storing bits learned throughout the request that I was hoping to group together and emit in some sort of structured log.

Regards,
-agentzh.

quae

On 11 February 2015 at 19:38, David Birdsong <david....@gmail.com> wrote:
> Just in testing I found that I could assign to the returned table, ie this
> worked:
> local m = getmetatable(__ngx_req)
> m.userdata = {}
>
> and later after a rewrite I could access that same table.
>
> but I get that just because I can do it, doesn't mean I should.

The lightuserdata metatable is shared by *all* lightuserdata in your
lua state (i.e. nginx worker).
This is a bad idea :)

agentzh

Hello!

On Wed, Feb 11, 2015 at 4:38 PM, David Birdsong wrote:
>
> Just in testing I found that I could assign to the returned table, ie this
> worked:
> local m = getmetatable(__ngx_req)
> m.userdata = {}
>
> and later after a rewrite I could access that same table.

I wonder how that is even possible. I've tried LuaJIT 2.0, LuaJIT 2.1,
and the standard Lua 5.1.5 interpreter and always get the following
runtime error with your example:

    attempt to index local 'm' (a nil value)

Maybe you're using a standard Lua 5.1 interpreter with Lua 5.0 compatibility?

Please note that even if you *can* configure the metatable of a
lightuserdata, it should affect *all* the lightuserdata (as already
pointed out by Daurnimator), regardless the value of __ngx_req (and
also including other lightuserdata like ngx.null). So it won't work as
you'd expect. This is because lightuserdata is not an "object" per se.

> Unless you have a warning against it. I think what I've learned is closest
> to what I want is a module level table and I can key off of  '__ngx_req'.
> Any exit points I'll add a log_by_lua handler to remove that key from the
> module table.
>

It's fine to directly use __ngx_req as the table keys.

> This has the added benefit of storing bits learned throughout the request
> that I was hoping to group together and emit in some sort of structured log.
>

Fine. __ngx_req is a good request ID when the request is still alive
(note: it can get recycled by later requests when the current request
is finalized though).

Regards,
-agentzh

david.birdsong

On Thu, Feb 12, 2015 at 12:24 PM Yichun Zhang (agentzh) <age...@gmail.com> wrote:

Hello!

On Wed, Feb 11, 2015 at 4:38 PM, David Birdsong wrote:
>
> Just in testing I found that I could assign to the returned table, ie this
> worked:
> local m = getmetatable(__ngx_req)
> m.userdata = {}
>
> and later after a rewrite I could access that same table.

I wonder how that is even possible. I've tried LuaJIT 2.0, LuaJIT 2.1,
and the standard Lua 5.1.5 interpreter and always get the following
runtime error with your example:

attempt to index local 'm' (a nil value)

Maybe you're using a standard Lua 5.1 interpreter with Lua 5.0 compatibility?

Please note that even if you *can* configure the metatable of a
lightuserdata, it should affect *all* the lightuserdata (as already
pointed out by Daurnimator), regardless the value of __ngx_req (and
also including other lightuserdata like ngx.null). So it won't work as
you'd expect. This is because lightuserdata is not an "object" per se.

> Unless you have a warning against it. I think what I've learned is closest
> to what I want is a module level table and I can key off of '__ngx_req'.
> Any exit points I'll add a log_by_lua handler to remove that key from the
> module table.
>

It's fine to directly use __ngx_req as the table keys.

> This has the added benefit of storing bits learned throughout the request
> that I was hoping to group together and emit in some sort of structured log.
>

Fine. __ngx_req is a good request ID when the request is still alive
(note: it can get recycled by later requests when the current request
is finalized though).

Is __ngx_req recycled prior to log_by_lua phase?

Regards,
-agentzh.

agentzh

Hello!

On Wed, Feb 25, 2015 at 2:27 PM, David Birdsong wrote:
>
> Is  __ngx_req recycled prior to log_by_lua phase?
>

The __ngx_req value is a lightuserdata, which is not a GC object at
all, just like a Lua number or a Lua boolean, which are always ignored
by GC.

Regards,
-agentzh