Description of problem: RHOSP13 T-H-T configures keystone_authtoken/memecached_servers parameter. The option has a benefit to reduce the keystone API call and improve the performance. Configuring the parameter into all services except keystone has a benefit to all users.
Hi Team, Do you have any updates on this bugzilla? Regards, Keigo Noha
Hi Emilien, Do you have any updates on this bugzilla? Regards, Keigo Noha
Hi Emilien, Do you have any updates on this topic?
Currently we have patch to implement this, proposed for master. Nova : already implemented Cinder : https://review.opendev.org/#/c/680845/ Neutron : https://review.opendev.org/#/c/680852/ Glance : https://review.opendev.org/#/c/680851/ Swift : (Not yet implemented) Heat : https://review.opendev.org/#/c/680853/ Telemetry: https://review.opendev.org/#/c/681245/ Ironic : https://review.opendev.org/#/c/680856/ Octavia : https://review.opendev.org/#/c/680898/ Barbican : https://review.opendev.org/#/c/681371/ I believe the list includes all we need based on component supportability in RHOSP, but let me know if I miss anything else required. Also, I'm not sure whether we need it for swift as we already have cache middleware configured. I guess we still need to configure memcache_servers in authtoken, but need confirmation.
> Also, I'm not sure whether we need it for swift as we already have cache middleware configured. > I guess we still need to configure memcache_servers in authtoken, but need confirmation. Currently we have the following options configured in proxy-server.conf by default. ~~~ [filter:authtoken] ... cache=swift.cache ~~~ This maes authtoken use the same cache backend as swift, which means that we already use memcache for token caching.
Nova : already implemented Cinder : https://review.opendev.org/#/c/680845/ Neutron : https://review.opendev.org/#/c/680852/ Glance : https://review.opendev.org/#/c/680851/ Swift : N/A Heat : https://review.opendev.org/#/c/680853/ Telemetry: https://review.opendev.org/#/c/681245/ Ironic : https://review.opendev.org/#/c/680856/ Octavia : https://review.opendev.org/#/c/680898/ Barbican : https://review.opendev.org/#/c/681371/ Manila : https://review.opendev.org/#/c/683784/ https://review.opendev.org/#/q/project:%22%255Eopenstack/.*tripleo.*%22+intopic:authtoken-memcache Now the implementation for the all components in full-support status has been merged into master.
Hi Emilien, Would you look at c#6 and proceed the backport into RHOSP13? Kind Regards, Keigo Noha
Hi Emilien, Would you be able to consider the backport of the series of patches into RHOSP13? Thanks, Keigo Noha
Keigo, I'll delegate that decision to the security team who own these components.
Hi Moises, According to Emilien's update, this bugzilla should be handled by DFG:Security. Would you look through the bugzilla and move it forward? Best Regards, Keigo Noha
Hi Keigo, Sure, I'll include it to our bug triage session this week.
Hi, I'm triaging this BZ for OSP16.1.3 as a TestOnly, since the code is there for a while, we just want to confirm that everything works just fine and we have support for it. I'm not sure if we'll be able to backport it for OSP13, it sounds like a good amount of work/risk to backport all of those patches, we're going to need to make a deeper investigation regarding the backport possibility for this BZ.
According to our records, this should be resolved by puppet-tripleo-11.5.0-1.20200914161840.f716ef5.el8ost. This build is available now.
Exception + flag given