| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Lines of code | 189 |
| Technical Name |
session_redis_gt |
| License | OPL-1 |
Session Store Redis
Lightning-Fast Session Management for Multi-Server Odoo - Production-Ready
Performance Boost: 95% faster sessions + True horizontal scaling
Persistent sessions | Auto migration | Secure rotation | Zero-downtime deployment
Problems WITHOUT Redis Sessions
Filesystem Session Issues:
- Slow I/O: 10-50ms per session read/write on disk
- No Multi-Server: Cannot share sessions between servers
- Sticky Sessions: Load balancing limited to IP-based routing
- Lost Sessions: Users logged out on server restart/crash
- Disk Failures: Session files = single point of failure
- Manual Cleanup: Old sessions never expire automatically
Scalability Impact:
- Multi-Server: IMPOSSIBLE
- Session I/O Latency: +300ms
- Load Balancing: Sticky only
- Deployment: Users kicked out
- Horizontal Scaling: NOT POSSIBLE
Critical: Filesystem sessions prevent true horizontal scaling!
Benefits WITH Redis Sessions
Performance Gains:
- Session Speed: 95% faster
- I/O Latency: <1ms
- Scalability: Unlimited workers/servers
- Availability: 99.9% uptime
- Deployment: Zero-downtime
Redis Advantages:
- Persistent Sessions: Survive server restarts and crashes
- Shared Storage: All workers/servers access same session pool
- Sliding Expiration: Auto-refresh TTL on each user access
- Secure Rotation: New session ID + token on login/logout
- Auto Cleanup: TTL-based expiration, no manual vacuum
- True Load Balancing: Round-robin, least-conn, any algorithm
- Auto Migration: Imports existing filesystem sessions
- Enterprise Ready: Clustering, replication, SSL/TLS
Redis Sessions vs Filesystem Sessions
| Feature | Redis Sessions | Filesystem Sessions |
|---|---|---|
| Storage Location | In-memory (Redis) | Disk files (slow) |
| Read/Write Speed | <1ms | 10-50ms |
| Multi-Server Support | Native, shared sessions | Requires sticky sessions |
| Persistence | Survives restarts | Can be lost |
| Horizontal Scaling | Unlimited workers/servers | Single server limited |
| Auto Expiration | TTL-based automatic | Manual vacuum needed |
| Session Rotation | Secure with tokens | Basic support |
| Monitoring & Debug | Redis CLI, stats, tools | Manual file inspection |
| Load Balancing | Any algorithm (round-robin, etc.) | IP-based sticky only |
| High Availability | Redis cluster/replica | Single point of failure |
Multi-Server Architecture
Session Flow with Redis - True Horizontal Scaling
Key Benefits:
- Auto Migration: First run imports all filesystem sessions
- Sliding Window: Session TTL refreshed on every access
- Secure Rotation: New ID + token on login/logout
- Production-Safe SCAN: List sessions without blocking
Security Features:
- Session Token: Validated on every request
- Rotation: New ID prevents session fixation
- Expiration: Configurable TTL with auto cleanup
- Graceful Fallback: Works even if Redis down temporarily
Installation & Configuration
Step 1: Install Redis Server
# Install Redis server
sudo apt-get install redis-server
# Install Python client
pip3 install redis
sudo apt-get install redis-server
# Install Python client
pip3 install redis
Step 2: Configure Redis
# Start Redis service
sudo systemctl start redis-server
sudo systemctl enable redis-server
# Test connection
redis-cli ping
# Expected output: PONG
sudo systemctl start redis-server
sudo systemctl enable redis-server
# Test connection
redis-cli ping
# Expected output: PONG
Step 3: Odoo Configuration
# Add to odoo.conf
[options]
server_wide_modules = base,web,session_redis_gt
redis_session_uri = redis://localhost:6379/1
redis_session_prefix = session:
redis_session_expiration = 604800 # 7 days in seconds
# For Redis with password:
# redis_session_uri = redis://:password@localhost:6379/1
# For Redis with SSL:
# redis_session_uri = rediss://localhost:6379/1
# Force reimport existing sessions (optional):
# redis_session_reimport = True
[options]
server_wide_modules = base,web,session_redis_gt
redis_session_uri = redis://localhost:6379/1
redis_session_prefix = session:
redis_session_expiration = 604800 # 7 days in seconds
# For Redis with password:
# redis_session_uri = redis://:password@localhost:6379/1
# For Redis with SSL:
# redis_session_uri = rediss://localhost:6379/1
# Force reimport existing sessions (optional):
# redis_session_reimport = True
CRITICAL: Must add to server_wide_modules for session store override!
Step 4: Restart Odoo
# Restart Odoo to load new session store
sudo systemctl restart odoo
# Check logs for successful Redis connection:
tail -f /var/log/odoo/odoo.log
# Look for: "Storing sessions with Redis service at redis://..."
sudo systemctl restart odoo
# Check logs for successful Redis connection:
tail -f /var/log/odoo/odoo.log
# Look for: "Storing sessions with Redis service at redis://..."
Auto Migration: On first run, all existing filesystem sessions are automatically imported to Redis!
Advanced Configuration Options
Connection URIs:
# Basic Redis
redis_session_uri = redis://localhost:6379/1
# With password
redis_session_uri = redis://:password@host:6379/1
# With username & password
redis_session_uri = redis://user:pass@host:6379/1
# Unix socket
redis_session_uri = unix:///tmp/redis.sock?db=1
# SSL/TLS
redis_session_uri = rediss://host:6379/1
redis_session_uri = redis://localhost:6379/1
# With password
redis_session_uri = redis://:password@host:6379/1
# With username & password
redis_session_uri = redis://user:pass@host:6379/1
# Unix socket
redis_session_uri = unix:///tmp/redis.sock?db=1
# SSL/TLS
redis_session_uri = rediss://host:6379/1
Session Policies:
# Standard (7 days)
redis_session_expiration = 604800
# Short-lived (1 day)
redis_session_expiration = 86400
# Long-lived (30 days)
redis_session_expiration = 2592000
# Use Odoo default
# (auto-detected from SESSION_LIFETIME)
# Force reimport from filesystem
redis_session_reimport = True
redis_session_expiration = 604800
# Short-lived (1 day)
redis_session_expiration = 86400
# Long-lived (30 days)
redis_session_expiration = 2592000
# Use Odoo default
# (auto-detected from SESSION_LIFETIME)
# Force reimport from filesystem
redis_session_reimport = True
Key Management:
# Environment separation
redis_session_prefix = prod:session:
# Multi-tenant
redis_session_prefix = tenant1:session:
# Version-specific
redis_session_prefix = v16:session:
# Multiple Odoo instances on same Redis
redis_session_prefix = app1:session:
# Another instance
redis_session_prefix = app2:session:
redis_session_prefix = prod:session:
# Multi-tenant
redis_session_prefix = tenant1:session:
# Version-specific
redis_session_prefix = v16:session:
# Multiple Odoo instances on same Redis
redis_session_prefix = app1:session:
# Another instance
redis_session_prefix = app2:session:
Monitoring & Troubleshooting
How to Monitor Redis Sessions
Redis Connection
redis-cli ping
redis-cli info stats
redis-cli info memory
redis-cli monitor
redis-cli info stats
redis-cli info memory
redis-cli monitor
Session Statistics
# Count sessions
redis-cli DBSIZE
# List sessions
redis-cli KEYS "session:*"
# Check expiration
redis-cli TTL "session:abc123"
redis-cli DBSIZE
# List sessions
redis-cli KEYS "session:*"
# Check expiration
redis-cli TTL "session:abc123"
Odoo Logs
"Storing sessions with Redis"
"Successfully imported N sessions"
"Failed to connect to Redis"
"Successfully imported N sessions"
"Failed to connect to Redis"
Troubleshooting Guide:
Problem: Connection refused
- Check if Redis is running: systemctl status redis
- Verify Redis host and port in URI
- Check firewall settings
Problem: Sessions not persisting
- Check expiration config
- Verify TTL: redis-cli TTL key
- Check Redis memory policy
Technical Implementation
Core Components:
- RedisSessionStore: Custom session store implementation
- Auto Migration: Import filesystem sessions on first run
- Session Rotation: Secure ID + token on login/logout
- SCAN Listing: Production-safe session enumeration
- Monkey Patching: Override root.session_store
Security Features:
- Session Token: Compute and validate tokens
- Secure Rotation: New SID on authentication
- SHA-1 Validation: Valid session ID format
- Sliding Expiration: Refresh TTL on access
- JSON Serialization: Safe data storage
Enterprise Features:
- HA Support: Redis cluster/replication
- SSL/TLS: Encrypted connections
- Graceful Fallback: Works if Redis temporarily down
- Zero-Downtime: Deploy without kicking users
- Multi-Tenant: Key prefix separation
Session Lifecycle
1. User Login
authenticate() â finalize()
should_rotate = True
authenticate() â finalize()
should_rotate = True
2. Rotate Session
Delete old SID
Generate new SID
Compute new token
Delete old SID
Generate new SID
Compute new token
3. Save to Redis
SETEX with TTL
JSON serialization
Prefixed key
SETEX with TTL
JSON serialization
Prefixed key
4. Sliding Window
Each access â EXPIRE
Reset TTL to max
Session stays alive
Each access â EXPIRE
Reset TTL to max
Session stays alive
Complete Your Redis Setup
ORM Cache Redis
Boost your database performance by 80% with Redis-backed ORM cache. Share cache across workers and persist through restarts.
- Persistent cache survives restarts
- Shared cache between all workers
- 70% reduction in database load
Pro Tip: Use both modules together for maximum Redis performance benefits
Why Choose Redis for Sessions?
Session Store Redis - Essential for Multi-Server Deployments!
Performance:
95% faster I/O
<1ms latency
95% faster I/O
<1ms latency
Scalability:
True load balancing
Unlimited servers
True load balancing
Unlimited servers
Security:
Token validation
Secure rotation
Token validation
Secure rotation
Enterprise:
Production ready
HA support
Production ready
HA support
Price: $49.9 USD - Essential for horizontal scaling!
Eliminate sticky sessions. Enable true horizontal scaling. Deploy with confidence.
Odoo Proprietary License v1.0 This software and associated files (the "Software") may only be used (executed, modified, executed after modifications) if you have purchased a valid license from the authors, typically via Odoo Apps, or if you have received a written agreement from the authors of the Software (see the COPYRIGHT file). You may develop Odoo modules that use the Software as a library (typically by depending on it, importing it and using its resources), but without copying any source code or material from the Software. You may distribute those modules under the license of your choice, provided that this license is compatible with the terms of the Odoo Proprietary License (For example: LGPL, MIT, or proprietary licenses similar to this one). It is forbidden to publish, distribute, sublicense, or sell copies of the Software or modified copies of the Software. The above copyright notice and this permission notice must be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Please log in to comment on this module