Merge "Add support for keystone_authtoken/memcache_use_advanced_pool"

deployment/aodh/aodh-api-container-puppet.yaml

@@ -101,6 +101,11 @@ parameters:
     description: >
         Cron to delete alarms from db - Max Delay
     default: '3600'
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 resources:
   ContainersCommon:
@@ -174,6 +179,7 @@ outputs:
             aodh::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
             aodh::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             aodh::keystone::authtoken::interface: 'internal'
+            aodh::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             aodh::policy::policies: {get_param: AodhApiPolicies}
             # NOTE: bind IP is found in hiera replacing the network name with the
             # local node IP for the given network; replacement examples

deployment/barbican/barbican-api-container-puppet.yaml

@@ -168,6 +168,11 @@ parameters:
     description: >
       Setting this to a unique value will re-run any deployment tasks which
       perform configuration on a Heat stack-update.
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   hsm_enabled:
@@ -245,6 +250,7 @@ outputs:
             barbican::keystone::authtoken::project_name: 'service'
             barbican::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             barbican::keystone::authtoken::interface: 'internal'
+            barbican::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             barbican::keystone::notification::enable_keystone_notification: True
             barbican::keystone::notification::keystone_notification_topic: 'barbican_notifications'
             barbican::policy::policies: {get_param: BarbicanPolicies}

deployment/cinder/cinder-api-container-puppet.yaml

@@ -88,6 +88,11 @@ parameters:
   RootStackName:
     description: The name of the stack/plan.
     type: string
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 resources:
   ContainersCommon:
@@ -163,6 +168,7 @@ outputs:
             cinder::keystone::authtoken::project_domain_name: 'Default'
             cinder::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             cinder::keystone::authtoken::interface: 'internal'
+            cinder::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             cinder::policy::policies: {get_param: CinderApiPolicies}
             cinder::notification_driver: {get_param: NotificationDriver}
             cinder::api::default_volume_type: {get_param: CinderDefaultVolumeType}

deployment/deprecated/mistral/mistral-base.yaml

@@ -57,6 +57,11 @@ parameters:
     type: number
     default: 120
     description: Mistral RPC timeout
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   enable_sqlalchemy_collectd: {equals : [{get_param: EnableSQLAlchemyCollectd}, true]}
@@ -102,6 +107,7 @@ outputs:
         mistral::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
         mistral::keystone::authtoken::region_name: {get_param: KeystoneRegion}
         mistral::keystone::authtoken::interface: 'internal'
+        mistral::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
         mistral::keystone_ec2_uri:
           list_join:
           - ''

deployment/deprecated/novajoin/novajoin-container-puppet.yaml

@@ -80,6 +80,11 @@ parameters:
       A hash of policies to configure for Novajoin.
     default: {}
     type: json
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 resources:
 
@@ -132,6 +137,7 @@ outputs:
         nova::metadata::novajoin::authtoken::project_name: 'service'
         nova::metadata::novajoin::authtoken::region_name: {get_param: KeystoneRegion}
         nova::metadata::novajoin::authtoken::interface: 'internal'
+        nova::metadata::novajoin::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
         nova::metadata::novajoin::policy::policies: {get_param: NovajoinPolicies}
       service_config_settings:
         nova_metadata: &nova_vendordata

deployment/deprecated/zaqar/zaqar-container-puppet.yaml

@@ -85,6 +85,11 @@ parameters:
     description: The password for the redis service account.
     type: string
     hidden: true
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   internal_tls_enabled: {get_param: EnableInternalTLS}
@@ -153,6 +158,7 @@ outputs:
             zaqar::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
             zaqar::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             zaqar::keystone::authtoken::interface: 'internal'
+            zaqar::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             zaqar::keystone::trust::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             zaqar::logging::debug:
               if:

deployment/experimental/designate/designate-api-container-puppet.yaml

@@ -52,6 +52,11 @@ parameters:
     description: The password for the neutron service and db account, used by neutron agents.
     type: string
     hidden: true
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
@@ -101,6 +106,7 @@ outputs:
             designate::keystone::authtoken::password: {get_param: DesignatePassword}
             designate::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             designate::keystone::authtoken::interface: 'internal'
+            designate::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             tripleo::profile::base::designate::api::listen_ip:
               str_replace:
                 template:

deployment/glance/glance-api-container-puppet.yaml

@@ -359,6 +359,11 @@ parameters:
     description: >
         Cron to purge db entries marked as deleted and older than $age - Max Delay
     default: '3600'
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   cinder_backend_enabled:
@@ -480,6 +485,7 @@ outputs:
             glance::api::authtoken::user_domain_name: 'Default'
             glance::api::authtoken::project_domain_name: 'Default'
             glance::api::authtoken::interface: 'internal'
+            glance::api::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             glance::api::pipeline:
               if:
               - {get_param: GlanceCacheEnabled}

deployment/gnocchi/gnocchi-api-container-puppet.yaml

@@ -121,6 +121,11 @@ parameters:
     default: "/var/lib/tripleo-config/ceph"
     description: |
       The path where the Ceph Cluster config files are stored on the host.
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   cors_allowed_origin_unset: {equals : [{get_param: GnocchiCorsAllowedOrigin}, '']}
@@ -203,6 +208,7 @@ outputs:
             gnocchi::keystone::authtoken::project_domain_name: 'Default'
             gnocchi::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             gnocchi::keystone::authtoken::interface: 'internal'
+            gnocchi::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             gnocchi::wsgi::apache::ssl: {get_param: EnableInternalTLS}
             gnocchi::wsgi::apache::servername:
               str_replace:

deployment/heat/heat-base-puppet.yaml

@@ -135,6 +135,11 @@ parameters:
                  port set with MemcachedPort parameter (above) and on 11211,
                  without TLS.
     type: boolean
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   tls_cache_enabled:
@@ -172,6 +177,7 @@ outputs:
             heat::keystone::authtoken::password: {get_param: HeatPassword}
             heat::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             heat::keystone::authtoken::interface: 'internal'
+            heat::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             heat::keystone::domain::domain_name: 'heat_stack'
             heat::keystone::domain::domain_admin: 'heat_stack_domain_admin'
             heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost'

deployment/ironic/ironic-api-container-puppet.yaml

@@ -64,6 +64,11 @@ parameters:
   EnableInternalTLS:
     type: boolean
     default: false
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   cors_allowed_origin_set:
@@ -137,6 +142,7 @@ outputs:
             ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             ironic::api::authtoken::region_name: {get_param: KeystoneRegion }
             ironic::api::authtoken::interface: 'internal'
+            ironic::api::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             # NOTE: bind IP is found in hiera replacing the network name with the
             # local node IP for the given network; replacement examples
             # (eg. for internal_api):

deployment/manila/manila-api-container-puppet.yaml

@@ -102,6 +102,11 @@ parameters:
     description: >
         Cron to purge db entries marked as deleted and older than $age - Max Delay
     default: '3600'
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 resources:
   ContainersCommon:
@@ -173,6 +178,7 @@ outputs:
             manila::keystone::authtoken::project_domain_name: 'Default'
             manila::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             manila::keystone::authtoken::interface: 'internal'
+            manila::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             # NOTE: bind IP is found in hiera replacing the network name with the
             # local node IP for the given network; replacement examples
             # (eg. for internal_api):

deployment/neutron/neutron-api-container-puppet.yaml

@@ -167,6 +167,11 @@ parameters:
     default: ''
     description: Override the private key size used when creating the
                  certificate for this service
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
   # DEPRECATED: the following options are deprecated and are currently maintained
   # for backwards compatibility. They will be removed in the Ocata cycle.
   NeutronL3HA:
@@ -302,6 +307,7 @@ outputs:
             neutron::keystone::authtoken::project_domain_name: 'Default'
             neutron::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             neutron::keystone::authtoken::interface: 'internal'
+            neutron::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             neutron::quota::quota_port: {get_param: NeutronPortQuota}
             neutron::quota::quota_security_group: {get_param: NeutronSecurityGroupQuota}
             neutron::server::placement::password: {get_param: NovaPassword}

deployment/nova/nova-api-container-puppet.yaml

@@ -226,6 +226,11 @@ parameters:
         0 means, purge data older than today in
         shadow tables.
     default: 90
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 parameter_groups:
 - label: deprecated
@@ -333,6 +338,7 @@ outputs:
             nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             nova::keystone::authtoken::interface: 'internal'
+            nova::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             nova::api::max_limit: {get_param: NovaApiMaxLimit}
             nova::api::enabled: true
             nova::network::neutron::default_floating_pool: {get_param: NovaDefaultFloatingPool}

deployment/nova/nova-metadata-container-puppet.yaml

@@ -73,6 +73,11 @@ parameters:
       each Neutron metadata-agent to point to the corresponding nova-metadata API
       service.
     type: boolean
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   nova_workers_set:
@@ -154,6 +159,7 @@ outputs:
             nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
             nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             nova::keystone::authtoken::interface: 'internal'
+            nova::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             nova::wsgi::apache_metadata::api_port: '8775'
             nova::wsgi::apache_metadata::ssl: {get_param: EnableInternalTLS}
             nova::metadata::local_metadata_per_cell: {get_param: NovaLocalMetadataPerCell}

deployment/octavia/octavia-api-container-puppet.yaml

@@ -87,6 +87,11 @@ parameters:
     default: true
     description:  Set to false if the driver agent needs to be disabled for some reason.
     type: boolean
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 resources:
   ContainersCommon:
@@ -160,6 +165,7 @@ outputs:
             octavia::keystone::authtoken::project_domain_name: 'Default'
             octavia::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             octavia::keystone::authtoken::interface: 'internal'
+            octavia::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             octavia::policy::policies: {get_param: OctaviaApiPolicies}
             octavia::worker::manage_nova_flavor: {get_param: OctaviaManageNovaFlavor}
             octavia::worker::nova_flavor_config: {get_param: OctaviaFlavorProperties}

deployment/placement/placement-api-container-puppet.yaml

@@ -80,6 +80,11 @@ parameters:
     type: boolean
     default: false
     description: Set to True to enable debugging on all services.
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   placement_workers_set:
@@ -136,6 +141,7 @@ outputs:
             placement::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             placement::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             placement::keystone::authtoken::interface: 'internal'
+            placement::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             placement::wsgi::apache::api_port: '8778'
             placement::wsgi::apache::ssl: {get_param: EnableInternalTLS}
             # NOTE: bind IP is found in hiera replacing the network name with the local node IP

releasenotes/notes/memcache_use_advanced_pool-41ca18221e60c05a.yaml

@@ -0,0 +1,7 @@
+---
+features:
+  - |
+    The new ``MemcacheUseAdvancedPool`` parameter is added which enables usage
+    of advanced poll for memcached connections in keystone middleware. This
+    parameter is set to ``true`` by default to avoind bursting connections
+    in some services like neutron.