Use memcache for keystone_authtoken

That allow to cache keyston authtoken in local instance of memcached.
Commit adds new global variable local_memcached_server and force all
capable services use it. That should improve speed of operations in
that services.
Initial job has been started in LP#1597512. But that commit also
include improvements from #1657727.

Closes-Bug: #1597512
Closes-bug: #1657727

Change-Id: I6004a8366ddc639feb1aed55b6dfbaf626f82839

deployment/puppet/osnailyfacter/modular/ceilometer/controller.pp

@@ -59,6 +59,9 @@ $ha_mode                    = pick($ceilometer_hash['ha_mode'], true)
 prepare_network_config(hiera('network_scheme', {}))
 $api_bind_address           = get_network_role_property('ceilometer/api', 'ipaddr')
 
+$local_memcached_server = hiera('local_memcached_server')
+
+
 if $ceilometer_hash['enabled'] {
   if $external_mongo {
     $mongo_hosts = $exteranl_mongo_hash['hosts_ip']
@@ -108,4 +111,8 @@ if ($ceilometer_enabled) {
     metering_time_to_live => $ceilometer_hash['metering_time_to_live'],
     http_timeout          => $ceilometer_hash['http_timeout'],
   }
+
+  ceilometer_config {
+    'keystone_authtoken/memcached_servers' : value => $local_memcached_server,
+  }
 }

deployment/puppet/osnailyfacter/modular/glance/glance.pp

@@ -56,6 +56,8 @@ $glance_large_object_size       = pick($glance_hash['large_object_size'], '5120'
 
 $rados_connect_timeout          = '30'
 
+$local_memcached_server = hiera('local_memcached_server')
+
 if ($storage_hash['images_ceph']) {
   $glance_backend = 'ceph'
   $glance_known_stores = [ 'glance.store.rbd.Store', 'glance.store.http.Store' ]
@@ -119,6 +121,14 @@ class { 'openstack::glance':
   rados_connect_timeout          => $rados_connect_timeout,
  }
 
+glance_api_config {
+  'keystone_authtoken/memcached_servers' : value => $local_memcached_server,
+}
+
+glance_registry_config {
+  'keystone_authtoken/memcached_servers' : value => $local_memcached_server,
+}
+
 ####### Disable upstart startup on install #######
 if($::operatingsystem == 'Ubuntu') {
   tweaks::ubuntu_service_override { 'glance-api':

deployment/puppet/osnailyfacter/modular/globals/globals.pp

@@ -278,6 +278,23 @@ if $public_ssl_hash['services'] {
   $nova_hash['vncproxy_protocol'] = 'http'
 }
 
+# Define how we should get memcache addresses
+if hiera('memcached_addresses', false) {
+  # need this to successful lookup from template
+  $memcached_addresses = hiera('memcached_addresses')
+} else {
+  $memcache_nodes = get_nodes_hash_by_roles(hiera_hash('network_metadata'), $memcache_roles)
+  $memcached_addresses = ipsort(values(get_node_to_ipaddr_map_by_network_role($memcache_nodes, 'mgmt/memcache')))
+}
+$memcached_port    = hiera('memcache_server_port', '11211')
+$memcached_servers = suffix($memcached_addresses, ":${memcached_port}")
+
+# LP1621541 In order to increase nova performance after failover,
+# we need to point nova to local memcached instance for keystone tokens,
+# in future we can consider moving memcached under HAproxy
+$memcached_bind_address = get_network_role_property('mgmt/memcache', 'ipaddr')
+$local_memcached_server = "${memcached_bind_address}:${memcached_port}"
+
 ##################### DO NOT USE BELOW VARIABLES ANYMORE ############################
 #           THEY ARE DEPRECATED AND WILL BE REMOVED IN NEXT RELEASE
 $internal_int     = get_network_role_property('management', 'interface')

deployment/puppet/osnailyfacter/modular/heat/heat.pp

@@ -16,6 +16,7 @@ $use_syslog               = hiera('use_syslog', true)
 $syslog_log_facility_heat = hiera('syslog_log_facility_heat')
 $deployment_mode          = hiera('deployment_mode')
 $bind_address             = get_network_role_property('heat/api', 'ipaddr')
+$local_memcached_server  = hiera('local_memcached_server')
 $database_password        = $heat_hash['db_password']
 $keystone_user            = pick($heat_hash['user'], 'heat')
 $keystone_tenant          = pick($heat_hash['tenant'], 'services')
@@ -86,6 +87,11 @@ if hiera('heat_ha_engine', true){
   }
 }
 
+# Turn on Caching for Heat validation process
+heat_config {
+  'keystone_authtoken/memcached_servers' : value => $local_memcached_server,
+}
+
 #------------------------------
 
 class heat::docker_resource (

deployment/puppet/osnailyfacter/modular/murano/murano.pp

@@ -23,6 +23,7 @@ $rabbit_ha_queues           = hiera('rabbit_ha_queues')
 $amqp_port                  = hiera('amqp_port')
 $amqp_hosts                 = hiera('amqp_hosts')
 $public_ssl                 = hiera_hash('public_ssl', {})
+$local_memcached_server          = hiera('local_memcached_server')
 
 #################################################################
 
@@ -100,6 +101,10 @@ if $murano_hash['enabled'] {
     external_network    => $external_network,
   }
 
+  murano_config {
+    'keystone_authtoken/memcached_servers' : value => $local_memcached_server,
+  }
+
   class { 'murano::api':
     host => $api_bind_host,
     port => $api_bind_port,

deployment/puppet/osnailyfacter/modular/openstack-cinder/openstack-cinder.pp

@@ -14,6 +14,7 @@ $rabbit_hash           = hiera_hash('rabbit_hash', {})
 $service_endpoint      = hiera('service_endpoint')
 $service_workers       = pick($cinder_hash['workers'],
                               min(max($::processorcount, 2), 16))
+$local_memcached_server = hiera('local_memcached_server')
 
 $cinder_db_password    = $cinder_hash[db_password]
 $cinder_user_password  = $cinder_hash[user_password]
@@ -94,6 +95,10 @@ class {'openstack::cinder':
   service_workers      => $service_workers,
 } # end class
 
+cinder_config {
+  'keystone_authtoken/memcached_servers' : value => $local_memcached_server,
+}
+
 if $storage_hash['volumes_block_device'] or ($sahara_hash['enabled'] and $storage_hash['volumes_lvm']) {
     $cinder_scheduler_filters = [ 'InstanceLocalityFilter' ]
 } else {

deployment/puppet/osnailyfacter/modular/openstack-controller/openstack-controller.pp

@@ -40,6 +40,7 @@ $glance_api_servers             = hiera('glance_api_servers', "$management_vip:9
 $region                         = hiera('region', 'RegionOne')
 $service_workers                = pick($nova_hash['workers'],
                                         min(max($::processorcount, 2), 16))
+$local_memcached_server        = hiera('local_memcached_server')
 
 $memcache_nodes                 = get_nodes_hash_by_roles(hiera('network_metadata'), hiera('memcache_roles'))
 $memcache_ipaddrs               = ipsort(values(get_node_to_ipaddr_map_by_network_role($memcache_nodes,'mgmt/memcache')))
@@ -142,7 +143,10 @@ class { '::openstack::controller':
 package { 'socat': ensure => present }
 
 #TODO: PUT this configuration stanza into nova class
-nova_config { 'DEFAULT/use_cow_images':                   value => hiera('use_cow_images')}
+nova_config {
+  'DEFAULT/use_cow_images':               value => hiera('use_cow_images');
+  'keystone_authtoken/memcached_servers': value => $local_memcached_server,
+}
 
 if $primary_controller {
 

deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-compute.pp

@@ -12,6 +12,7 @@ $auto_assign_floating_ip        = hiera('auto_assign_floating_ip', false)
 $rabbit_hash                    = hiera_hash('rabbit_hash', {})
 $neutron_endpoint               = hiera('neutron_endpoint', $management_vip)
 $region                         = hiera('region', 'RegionOne')
+$local_memcached_server        = hiera('local_memcached_server')
 
 $floating_hash = {}
 
@@ -30,6 +31,9 @@ if $use_neutron {
   $neutron_user_password = $neutron_config['keystone']['admin_password']
   $keystone_user         = pick($neutron_config['keystone']['admin_user'], 'neutron')
   $keystone_tenant       = pick($neutron_config['keystone']['admin_tenant'], 'services')
+  neutron_config {
+    'keystone_authtoken/memcached_servers' : value => $local_memcached_server,
+  }
 } else {
   $network_provider   = 'nova'
   $floating_ips_range = hiera('floating_network_range')
@@ -424,3 +428,4 @@ class { 'openstack::network':
   nameservers       => hiera('dns_nameservers', undef),
   enable_nova_net   => $enable_network_service,
 }
+

deployment/puppet/osnailyfacter/modular/openstack-network/openstack-network-controller.pp

@@ -12,6 +12,7 @@ $network_scheme                 = hiera('network_scheme', {})
 $nova_endpoint                  = hiera('nova_endpoint', $management_vip)
 $neutron_endpoint               = hiera('neutron_endpoint', $management_vip)
 $region                         = hiera('region', 'RegionOne')
+$local_memcached_server        = hiera('local_memcached_server')
 
 $floating_hash = {}
 
@@ -43,6 +44,9 @@ if $use_neutron {
   $neutron_db_name       = pick($neutron_config['database']['name'], 'neutron')
   $neutron_db_host       = pick($neutron_config['database']['host'], hiera('database_vip'))
   $base_mac              = $neutron_config['L2']['base_mac']
+  neutron_config {
+    'keystone_authtoken/memcached_servers' : value => $local_memcached_server,
+  }
 } else {
   $network_provider   = 'nova'
   $floating_ips_range = hiera('floating_network_range')

deployment/puppet/osnailyfacter/modular/sahara/sahara.pp

@@ -21,6 +21,7 @@ $use_stderr                 = hiera('use_stderr', false)
 $rabbit_ha_queues           = hiera('rabbit_ha_queues')
 $amqp_port                  = hiera('amqp_port')
 $amqp_hosts                 = hiera('amqp_hosts')
+$local_memcached_server          = hiera('local_memcached_server')
 
 #################################################################
 
@@ -88,6 +89,7 @@ if $sahara_hash['enabled'] {
   sahara_config {
     'database/max_overflow':  value => $max_overflow;
     'database/max_pool_size': value => $max_pool_size;
+    'keystone_authtoken/memcached_servers' : value => $local_memcached_server,
   }
 
   if $public_ssl_hash['services'] {

deployment/puppet/osnailyfacter/templates/globals_yaml.erb

@@ -107,6 +107,10 @@
 <% globals.store "management_vrouter_vip", @management_vrouter_vip -%>
 <% globals.store "public_vrouter_vip", @public_vrouter_vip -%>
 <% globals.store "memcache_roles", @memcache_roles -%>
+<% globals.store "memcached_addresses", @memcached_addresses -%>
+<% globals.store "memcached_port", @memcached_port -%>
+<% globals.store "memcached_servers", @memcached_servers -%>
+<% globals.store "local_memcached_server", @local_memcached_server -%>
 <% globals.store "swift_master_role", @swift_master_role -%>
 <% globals.store "swift_nodes", @swift_nodes -%>
 <% globals.store "swift_proxies", @swift_proxies -%>

tests/noop/spec/hosts/ceilometer/controller_spec.rb

@@ -12,6 +12,8 @@ describe manifest do
     ceilometer_hash = Noop.hiera_structure 'ceilometer'
     rabbit_ha_queues = 'true'
 
+    let(:local_memcached_server) { Noop.hiera 'local_memcached_server' }
+
     # Ceilometer
     if ceilometer_hash['enabled']
       it 'should declare openstack::ceilometer class with correct parameters' do
@@ -23,6 +25,9 @@ describe manifest do
           'use_stderr'       => 'false',
         )
       end
+      it 'should configure memcache for keystone_authtoken' do
+        should contain_ceilometer_config('keystone_authtoken/memcached_servers').with_value(local_memcached_server)
+      end
       it 'should configure OS ENDPOINT TYPE for ceilometer' do
         should contain_ceilometer_config('service_credentials/os_endpoint_type').with(:value => 'internalURL')
       end

tests/noop/spec/hosts/glance/glance_spec.rb

@@ -20,6 +20,8 @@ describe manifest do
        pipeline = 'keystone'
     end
 
+	let(:local_memcached_server) { Noop.hiera 'local_memcached_server' }
+
     it 'should declare glance classes' do
       should contain_class('glance::api').with('pipeline' => pipeline)
       should contain_class('glance::registry')
@@ -37,6 +39,7 @@ describe manifest do
       should contain_glance_api_config('DEFAULT/auth_region').with_value(region)
       should contain_glance_api_config('keystone_authtoken/signing_dir').with_value('/tmp/keystone-signing-glance')
       should contain_glance_api_config('keystone_authtoken/token_cache_time').with_value('-1')
+      should contain_glance_api_config('keystone_authtoken/memcached_servers').with_value(local_memcached_server)
     end
 
     if $glance_backend == 'rbd'

tests/noop/spec/hosts/heat/heat_spec.rb

@@ -5,6 +5,8 @@ manifest = 'heat/heat.pp'
 describe manifest do
   shared_examples 'catalog' do
 
+    let(:local_memcached_server) { Noop.hiera 'local_memcached_server' }
+
     use_syslog = Noop.hiera 'use_syslog'
 
     it 'should set empty trusts_delegated_roles for heat engine' do
@@ -22,6 +24,10 @@ describe manifest do
       should contain_heat_config('DEFAULT/max_json_body_size').with_value('10880000')
     end
 
+    it 'should configure caching for validation process' do
+      should contain_heat_config('keystone_authtoken/memcached_servers').with_value(local_memcached_server)
+    end
+
     it 'should configure heat rpc response timeout' do
       should contain_heat_config('DEFAULT/rpc_response_timeout').with_value('600')
     end

tests/noop/spec/hosts/murano/murano_spec.rb

@@ -36,6 +36,8 @@ describe manifest do
     predefined_networks        = Noop.hiera_structure('neutron_config/predefined_networks')
     repository_url             = Noop.hiera_structure('murano_settings/murano_repo_url')
 
+    let(:local_memcached_server) { Noop.hiera('local_memcached_server') }
+
     if murano_enabled
       api_bind_port              = '8082'
       api_bind_host              = bind_address
@@ -94,6 +96,10 @@ describe manifest do
                )
       end
 
+      it 'should configure keystone_authtoken memcached_servers' do
+        should contain_murano_config('keystone_authtoken/memcached_servers').with_value(local_memcached_server)
+      end
+
       it 'should declare murano::api class correctly' do
         should contain_class('murano::api').with(
                    'host' => api_bind_host,

tests/noop/spec/hosts/openstack-cinder/openstack-cinder_spec.rb

@@ -12,6 +12,7 @@ describe manifest do
   cinder_user = Noop.hiera_structure('cinder/user', "cinder")
   cinder_user_password = Noop.hiera_structure('cinder/user_password')
   cinder_tenant = Noop.hiera_structure('cinder/tenant', "services")
+  let(:local_memcached_server) { Noop.hiera 'local_memcached_server' }
 
   it 'ensures cinder_config contains "oslo_messaging_rabbit/rabbit_ha_queues" ' do
     should contain_cinder_config('oslo_messaging_rabbit/rabbit_ha_queues').with(
@@ -65,6 +66,10 @@ describe manifest do
     should contain_class('cinder::scheduler::filter').with( :scheduler_default_filters => filters )
   end
 
+  it 'should configure keystone_authtoken memcached_servers' do
+    should contain_cinder_config('keystone_authtoken/memcached_servers').with_value(local_memcached_server)
+  end
+
   end # end of shared_examples
 
  test_ubuntu_and_centos manifest

tests/noop/spec/hosts/openstack-controller/openstack-controller_spec.rb

@@ -58,6 +58,12 @@ describe manifest do
       )
     end
 
+    let (:local_memcached_server) { Noop.hiera 'local_memcached_server' }
+
+    it 'nova config should contain right memcached servers list' do
+      should contain_nova_config('keystone_authtoken/memcached_servers').with_value(local_memcached_server)
+    end
+
     if floating_ips_range && access_hash
       floating_ips_range.each do |ips_range|
         it "should configure nova floating IP range for #{ips_range}" do

tests/noop/spec/hosts/openstack-network/openstack-network-compute_spec.rb

@@ -11,6 +11,8 @@ describe manifest do
     use_neutron      = Noop.hiera 'use_neutron'
     service_endpoint = Noop.hiera 'service_endpoint'
 
+    let(:local_memcached_server) { Noop.hiera 'local_memcached_server' }
+
     it 'should declare openstack::network with use_stderr disabled' do
       should contain_class('openstack::network').with(
         'use_stderr' => 'false',
@@ -141,6 +143,10 @@ describe manifest do
         ).that_comes_before('Service[libvirt]')
       end
 
+      it 'should configure keystone_authtoken memcached_servers' do
+        should contain_neutron_config('keystone_authtoken/memcached_servers').with_value(local_memcached_server)
+      end
+
       neutron_config =  Noop.hiera_structure 'quantum_settings'
       neutron_advanced_config =  Noop.hiera_structure 'neutron_advanced_configuration'
 

tests/noop/spec/hosts/openstack-network/openstack-network-controller_spec.rb

@@ -11,6 +11,8 @@ describe manifest do
     ceilometer_enabled = Noop.hiera_structure 'ceilometer/enabled'
     service_endpoint   = Noop.hiera 'service_endpoint'
 
+    let(:local_memcached_server) { Noop.hiera 'local_memcached_server' }
+
     it 'should declare openstack::network with use_stderr disabled' do
       should contain_class('openstack::network').with(
         'use_stderr' => 'false',
@@ -115,6 +117,10 @@ describe manifest do
         )
       end
 
+      it 'should configure keystone_authtoken memcached_servers' do
+        should contain_neutron_config('keystone_authtoken/memcached_servers').with_value(local_memcached_server)
+      end
+
       neutron_config =  Noop.hiera_structure 'quantum_settings'
       neutron_advanced_config =  Noop.hiera_structure 'neutron_advanced_configuration'
 

tests/noop/spec/hosts/sahara/sahara_spec.rb

@@ -26,6 +26,7 @@ describe manifest do
     log_facility_sahara  = Noop.hiera('syslog_log_facility_sahara')
     rabbit_ha_queues     = Noop.hiera('rabbit_ha_queues')
     public_ssl           = Noop.hiera_structure('public_ssl/services')
+    let(:local_memcached_server) { Noop.hiera('local_memcached_server') }
 
     if sahara_enabled
       firewall_rule   = '201 sahara-api'
@@ -75,6 +76,8 @@ describe manifest do
           'rabbit_port'         => amqp_port,
           'rabbit_hosts'        => amqp_hosts.split(","),
         )
+
+        should contain_sahara_config('keystone_authtoken/memcached_servers').with_value(local_memcached_server)
       end
 
       it 'should configure sahara db params' do