Bug 1652558 - [RFE] Add memcached_servers option under keystone_authtoken into all services except keystone by T-H-T
Summary: [RFE] Add memcached_servers option under keystone_authtoken into all services...
Keywords:
Status: NEW
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-tripleo-heat-templates
Version: 13.0 (Queens)
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: ---
Assignee: Emilien Macchi
QA Contact: Gurenko Alex
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-11-22 11:22 UTC by Keigo Noha
Modified: 2020-02-16 05:22 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:


Attachments (Terms of Use)

Description Keigo Noha 2018-11-22 11:22:14 UTC
Description of problem:
RHOSP13 T-H-T configures keystone_authtoken/memecached_servers parameter.
The option has a benefit to reduce the keystone API call and improve the performance.

Configuring the parameter into all services except keystone has a benefit to all users.

Comment 1 Keigo Noha 2019-01-29 05:26:07 UTC
Hi Team,

Do you have any updates on this bugzilla?

Regards,
Keigo Noha

Comment 2 Keigo Noha 2019-02-26 00:51:45 UTC
Hi Emilien,

Do you have any updates on this bugzilla?

Regards,
Keigo Noha

Comment 3 Keigo Noha 2019-04-09 00:58:54 UTC
Hi Emilien,

Do you have any updates on this topic?

Comment 4 Takashi Kajinami 2019-09-11 03:57:41 UTC
Currently we have patch to implement this, proposed for master.

Nova     : already implemented
Cinder   : https://review.opendev.org/#/c/680845/
Neutron  : https://review.opendev.org/#/c/680852/
Glance   : https://review.opendev.org/#/c/680851/
Swift    : (Not yet implemented)
Heat     : https://review.opendev.org/#/c/680853/
Telemetry: https://review.opendev.org/#/c/681245/
Ironic   : https://review.opendev.org/#/c/680856/
Octavia  : https://review.opendev.org/#/c/680898/
Barbican : https://review.opendev.org/#/c/681371/

I believe the list includes all we need based on component supportability in RHOSP,
but let me know if I miss anything else required.

Also, I'm not sure whether we need it for swift as we already have cache middleware configured.
I guess we still need to configure memcache_servers in authtoken, but need confirmation.

Comment 5 Takashi Kajinami 2019-09-11 10:17:05 UTC
> Also, I'm not sure whether we need it for swift as we already have cache middleware configured.
> I guess we still need to configure memcache_servers in authtoken, but need confirmation.

Currently we have the following options configured in proxy-server.conf by default.
~~~
[filter:authtoken]
...
cache=swift.cache
~~~

This maes authtoken use the same cache backend as swift, which means that we already use memcache for token caching.

Comment 7 Keigo Noha 2019-10-10 01:13:27 UTC
Hi Emilien,

Would you look at c#6 and proceed the backport into RHOSP13?

Kind Regards,
Keigo Noha

Comment 8 Keigo Noha 2019-11-06 01:45:02 UTC
Hi Emilien,

Would you be able to consider the backport of the series of patches into RHOSP13?

Thanks,
Keigo Noha

Comment 9 Emilien Macchi 2019-11-06 09:13:12 UTC
Keigo, I'll delegate that decision to the security team who own these components.

Comment 10 Keigo Noha 2020-01-10 01:49:29 UTC
Hi Moises,

According to Emilien's update, this bugzilla should be handled by DFG:Security.
Would you look through the bugzilla and move it forward?

Best Regards,
Keigo Noha

Comment 11 Moises Guimaraes 2020-01-15 12:57:54 UTC
Hi Keigo,

Sure, I'll include it to our bug triage session this week.


Note You need to log in before you can comment on or make changes to this bug.