FreeKB - PHP - Secure web pages using sessions on Docker


You may want to first read about the difference between a session and a cookie.


Enable sessions

You will first want to ensure that your PHP container on Docker has sessions enabled. This can be done with the php -i command.

~]$ sudo docker exec php-fpm php -i
Session Support => enabled

 


Starting a session

Add session_start to the pages that you want to use sessions.

AVOID TROUBLE

session_start must be included in every PHP page that will use sessions.

session_start should be the very first thing in every PHP page (e.g. line 1), because it must be called before any output is sent to the browser.

<?php
   session_start();
?>

 

When navigating to a page that includes session_start, a cookie containing a unique session ID will be created in the web browser.

 

You can now use var_dump or print_r to output the content of the $_SESSION array.

print_r ($_SESSION);

 

Which should just return an empty array, since no session keys have been set.

Array ( )

 


Session files

By default, the session.save_path option in the php.ini file is set to /tmp but commented out.

~]$ sudo docker exec php-fpm grep session.save_path /usr/local/etc/php/php.ini
;session.save_path = "/tmp"

 

By default, session files are written to the /tmp directory in the container.

~]$ sudo docker exec php-fpm ls -l /tmp
-rw-------. 1 www-data www-data  0 Feb 13 10:56 sess_5qa3cfd1hb6l2e52aor4cina9v
-rw-------. 1 www-data www-data  0 Feb 13 10:56 sess_82j49jdq6p1bav7hgj1m3v77ja
-rw-------. 1 www-data www-data 37 Feb 13 10:54 sess_fak6d75ildu9jqik8f3vtpvgvu
-rw-------. 1 www-data www-data  0 Feb 13 10:57 sess_ifpsa6ovcodm90tffspqrgjro1
-rw-------. 1 www-data www-data  0 Feb 13 10:55 sess_k8f3nbb0l55pmsfe1o5boioko6

 

The /tmp directory in the container has drwxrwxrwt (1777) permissions, owned by root, and the following SELinux context.

  • SELinux user = system_u
  • SELinux role = object_r
  • SELinux type = container_file_t
  • SELinux level = s0
~]$ sudo docker exec php-fpm ls -lZ /
drwxrwxrwt.   1 root root system_u:object_r:container_file_t:s0:c683,c1022   18 Feb  5 13:59 tmp

 

Let's say you have 2 or more PHP containers in a cluster. In this scenario, you are going to want to share the sessions between the containers. There are multiple ways to accomplish this, such as putting the containers in the same Docker network, configuring the load balancer with sticky sessions, storing the sessions in a database, and the list goes on. What I ended up doing was to store the sessions in a mounted volume and then use SCP to copy the sessions between the containers (more on this in a moment).

To store the sessions in a mounted volume, I start by updating the php.ini file to define a directory in the PHP container for the session files.

session.save_path = "/usr/local/sessions"

 

I create a directory on the Docker hosts, and set the directory to have drwxrwxrwt (1777) permissions, owned by root, and the matching SELinux context.

sudo mkdir /usr/local/docker/php/sessions
sudo chmod 1777 /usr/local/docker/php/sessions
sudo semanage fcontext -a -t container_file_t /usr/local/docker/php/sessions
sudo restorecon -vF /usr/local/docker/php/sessions

 

Then, when starting the container, I use the --volume option to mount the php.ini file into the container and to mount the /usr/local/docker/php/sessions directory on the Docker host to the /usr/local/sessions directory in the container.

sudo docker run \
--detach \
--publish 0.0.0.0:9000:9000 \
--volume /usr/local/docker/php/php.ini:/usr/local/etc/php/php.ini \
--volume /usr/local/docker/php/sessions:/usr/local/sessions \
--name php-fpm \
php:fpm

 

The /usr/local/sessions directory in the container should now have drwxrwxrwt (1777) permissions, owned by root, and the matching SELinux context.

~]$ sudo docker exec php-fpm ls -lZ /usr/local
drwsrwsrwt. 2 root root system_u:object_r:container_file_t:s0           162 Feb 13 12:20 sessions

 

And the session files should be written to /usr/local/sessions in the container.

~]$ sudo docker exec php-fpm ls -l /usr/local/sessions
-rw-------. 1 www-data www-data  0 Feb 12 12:28 sess_j057t7hrv9d71p1vt1b010e080
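
The following is an added example, not part of the original article: a shell check for the shared session directory described above, flagging a world-writable directory that lacks the sticky bit and any sess_* file that is not 0600. The function names and the sample files are constructed for illustration, and GNU find is assumed.

```shell
#!/bin/sh
# Added example: audit a PHP session.save_path directory, e.g. the
# /usr/local/docker/php/sessions volume on the Docker host. Needs GNU find.

# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
check_session_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "MISSING $dir"; return 1; }

    # A world-writable directory needs the sticky bit (1777, like /tmp);
    # without it any local user can delete or replace another user's files.
    loose_dir=$(find "$dir" -maxdepth 0 -perm -0002 ! -perm -1000)

    # PHP creates session files as 0600. Group/other bits would expose session
    # data to every account that can reach the shared volume.
    exposed=$(find "$dir" -maxdepth 1 -type f -name 'sess_*' -perm /0077 | sort)

    [ -z "$loose_dir" ] || echo "DIR_NO_STICKY $dir"
    [ -z "$exposed" ] || printf '%s\n' "$exposed" | sed 's/^/FILE_EXPOSED /'
    [ -z "$loose_dir$exposed" ]
}

# Constructed sample input: a throwaway directory with mode $1 holding one
# 0600 and one 0644 session file (file names are made up for the demo).
make_sample_dir() {
    d=$(mktemp -d)
    : > "$d/sess_constructed0000000000000001"
    : > "$d/sess_constructed0000000000000002"
    chmod 600 "$d/sess_constructed0000000000000001"
    chmod 644 "$d/sess_constructed0000000000000002"
    chmod "$1" "$d"
    echo "$d"
}

# With an argument, audit that directory; without one, audit the sample.
if [ "$#" -gt 0 ]; then
    check_session_dir "$1"
else
    sample=$(make_sample_dir 0777)
    check_session_dir "$sample" || echo "findings reported for $sample"
    rm -rf "$sample"
fi
```

Run it on the Docker host against the mounted sessions directory; an empty result with exit status 0 means the directory and its session files match the permissions shown in the listings above.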

 


Session ID

Here is how you could create the session ID variable. Refer to Creating a Session ID using session_id.

<?php
   session_start();
   $_SESSION['id'] = session_id(); 
?>

 



