The current session store interface leaves some parts of the session managed by core in mdl_sessions. So this table gets a lot of contention even if you push it of to redis. This seems to surprise a lot of people that moodle still touches mdl_sessions and is counter intuitive.
I believe the main historical reason for this is that some session stores are simple key / value stores and so things like 'how many sessions do I have' is hard / impossible / slow. But this isn't the case with many potential implementations, eg redis.
1) Move any functionality that touches the session table into new methods in the handler.php abstract class which do exactly the same thing.
eg some example new methods:
would be called here:
The naming / interface of these methods would be carefully constructed by design so that some of them could serve double duty and one of them would be a noop.
2) Slightly improve the performance of the session/database.php so it only touches the tables once instead of twice,. eg updating the session data, and updating the session metadata would be done in the same method.
3) For certain session stores like redis, override these methods so that mdl_session isn't touched at all. As above, it would save and read all session data and metadata in a single redis call.