Merge "Add support for keystone_authtoken/memcache_use_advanced_pool" into stable/ussuri

deployment/aodh/aodh-base.yaml

@@ -61,6 +61,11 @@ parameters:
     type: string
     default: 'noop'
     description: Driver or drivers to handle sending notifications.
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   service_debug_unset: {equals : [{get_param: AodhDebug}, '']}
@@ -108,6 +113,7 @@ outputs:
         aodh::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
         aodh::keystone::authtoken::region_name: {get_param: KeystoneRegion}
         aodh::keystone::authtoken::interface: 'internal'
+        aodh::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
         aodh::auth::auth_password: {get_param: AodhPassword}
         aodh::auth::auth_region: {get_param: KeystoneRegion}
         aodh::auth::auth_project_name: 'service'

deployment/barbican/barbican-api-container-puppet.yaml

@@ -176,6 +176,11 @@ parameters:
     description: >
       Setting this to a unique value will re-run any deployment tasks which
       perform configuration on a Heat stack-update.
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   service_debug_unset:  {equals : [{get_param: BarbicanDebug}, '']}
@@ -254,6 +259,7 @@ outputs:
             barbican::keystone::authtoken::project_name: 'service'
             barbican::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             barbican::keystone::authtoken::interface: 'internal'
+            barbican::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             barbican::keystone::notification::enable_keystone_notification: True
             barbican::keystone::notification::keystone_notification_topic: 'barbican_notifications'
             barbican::policy::policies: {get_param: BarbicanPolicies}

deployment/cinder/cinder-api-container-puppet.yaml

@@ -91,6 +91,11 @@ parameters:
   RootStackName:
     description: The name of the stack/plan.
     type: string
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
 
@@ -187,6 +192,7 @@ outputs:
             cinder::keystone::authtoken::project_domain_name: 'Default'
             cinder::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             cinder::keystone::authtoken::interface: 'internal'
+            cinder::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             cinder::policy::policies: {get_param: CinderApiPolicies}
             cinder::notification_driver: {get_param: NotificationDriver}
             cinder::api::default_volume_type: {get_param: CinderDefaultVolumeType}

deployment/experimental/designate/designate-api-container-puppet.yaml

@@ -55,6 +55,11 @@ parameters:
     description: The password for the neutron service and db account, used by neutron agents.
     type: string
     hidden: true
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
@@ -105,6 +110,7 @@ outputs:
             designate::keystone::authtoken::password: {get_param: DesignatePassword}
             designate::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             designate::keystone::authtoken::interface: 'internal'
+            designate::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             tripleo::profile::base::designate::api::listen_ip:
               str_replace:
                 template:

deployment/glance/glance-api-container-puppet.yaml

@@ -285,6 +285,11 @@ parameters:
   ContainerGlanceApiConfigImage:
     description: The container image to use for the glance_api config_volume
     type: string
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
 
@@ -423,6 +428,7 @@ outputs:
             glance::api::authtoken::user_domain_name: 'Default'
             glance::api::authtoken::project_domain_name: 'Default'
             glance::api::authtoken::interface: 'internal'
+            glance::api::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             glance::api::pipeline:
               if:
               - glance_cache_enabled

deployment/gnocchi/gnocchi-api-container-puppet.yaml

@@ -122,6 +122,11 @@ parameters:
     default: ''
     description: Indicate whether this resource may be shared with the domain received in the request
                  "origin" header.
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   cors_allowed_origin_unset: {equals : [{get_param: GnocchiCorsAllowedOrigin}, '']}
@@ -206,6 +211,7 @@ outputs:
             gnocchi::keystone::authtoken::project_domain_name: 'Default'
             gnocchi::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             gnocchi::keystone::authtoken::interface: 'internal'
+            gnocchi::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             gnocchi::wsgi::apache::ssl: {get_param: EnableInternalTLS}
             gnocchi::wsgi::apache::servername:
               str_replace:

deployment/heat/heat-base-puppet.yaml

@@ -140,6 +140,11 @@ parameters:
                  port set with MemcachedPort parameter (above) and on 11211,
                  without TLS.
     type: boolean
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   service_debug_unset: {equals : [{get_param: HeatDebug}, '']}
@@ -179,6 +184,7 @@ outputs:
             heat::keystone::authtoken::password: {get_param: HeatPassword}
             heat::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             heat::keystone::authtoken::interface: 'internal'
+            heat::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             heat::keystone::domain::domain_name: 'heat_stack'
             heat::keystone::domain::domain_admin: 'heat_stack_domain_admin'
             heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost'

deployment/ironic/ironic-api-container-puppet.yaml

@@ -67,6 +67,11 @@ parameters:
   EnableInternalTLS:
     type: boolean
     default: false
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
@@ -144,6 +149,7 @@ outputs:
             ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             ironic::api::authtoken::region_name: {get_param: KeystoneRegion }
             ironic::api::authtoken::interface: 'internal'
+            ironic::api::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             # NOTE: bind IP is found in hiera replacing the network name with the
             # local node IP for the given network; replacement examples
             # (eg. for internal_api):

deployment/manila/manila-api-container-puppet.yaml

@@ -60,6 +60,11 @@ parameters:
                  When not set, the list is inferred via the storage back end/s
                  enabled.
     type: comma_delimited_list
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
 
@@ -139,6 +144,7 @@ outputs:
             manila::keystone::authtoken::project_domain_name: 'Default'
             manila::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             manila::keystone::authtoken::interface: 'internal'
+            manila::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             # NOTE: bind IP is found in hiera replacing the network name with the
             # local node IP for the given network; replacement examples
             # (eg. for internal_api):

deployment/mistral/mistral-base.yaml

@@ -62,6 +62,11 @@ parameters:
     type: number
     default: 120
     description: Mistral RPC timeout
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   service_debug_unset: {equals : [{get_param: MistralDebug}, '']}
@@ -108,6 +113,7 @@ outputs:
         mistral::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
         mistral::keystone::authtoken::region_name: {get_param: KeystoneRegion}
         mistral::keystone::authtoken::interface: 'internal'
+        mistral::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
         mistral::keystone_ec2_uri:
           list_join:
           - ''

deployment/neutron/neutron-api-container-puppet.yaml

@@ -173,6 +173,11 @@ parameters:
     default: ''
     description: Override the private key size used when creating the
                  certificate for this service
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
   # DEPRECATED: the following options are deprecated and are currently maintained
   # for backwards compatibility. They will be removed in the Ocata cycle.
   NeutronL3HA:
@@ -309,6 +314,7 @@ outputs:
             neutron::keystone::authtoken::project_domain_name: 'Default'
             neutron::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             neutron::keystone::authtoken::interface: 'internal'
+            neutron::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             neutron::quota::quota_port: {get_param: NeutronPortQuota}
             neutron::quota::quota_security_group: {get_param: NeutronSecurityGroupQuota}
             neutron::server::sync_db: true

deployment/nova/nova-api-container-puppet.yaml

@@ -109,6 +109,11 @@ parameters:
     default: 1000
     description: Max number of objects returned per API query
     type: number
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 parameter_groups:
 - label: deprecated
@@ -226,6 +231,7 @@ outputs:
             nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             nova::keystone::authtoken::interface: 'internal'
+            nova::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             nova::api::max_limit: {get_param: NovaApiMaxLimit}
             nova::api::enabled: true
             nova::api::default_floating_pool: {get_param: NovaDefaultFloatingPool}

deployment/nova/nova-metadata-container-puppet.yaml

@@ -76,6 +76,11 @@ parameters:
       each Neutron metadata-agent to point to the corresponding nova-metadata API
       service.
     type: boolean
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
@@ -164,6 +169,7 @@ outputs:
             nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
             nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             nova::keystone::authtoken::interface: 'internal'
+            nova::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             nova::wsgi::apache_metadata::api_port: '8775'
             nova::wsgi::apache_metadata::ssl: {get_param: EnableInternalTLS}
             nova::metadata::local_metadata_per_cell: {get_param: NovaLocalMetadataPerCell}

deployment/nova/novajoin-container-puppet.yaml

@@ -83,6 +83,11 @@ parameters:
       A hash of policies to configure for Novajoin.
     default: {}
     type: json
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 resources:
 
@@ -135,6 +140,7 @@ outputs:
         nova::metadata::novajoin::authtoken::project_name: 'service'
         nova::metadata::novajoin::authtoken::region_name: {get_param: KeystoneRegion}
         nova::metadata::novajoin::authtoken::interface: 'internal'
+        nova::metadata::novajoin::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
         nova::metadata::novajoin::policy::policies: {get_param: NovajoinPolicies}
       service_config_settings:
         nova_metadata: &nova_vendordata

deployment/octavia/octavia-api-container-puppet.yaml

@@ -90,6 +90,11 @@ parameters:
     default: true
     description:  Set to false if the driver agent needs to be disabled for some reason.
     type: boolean
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
 
@@ -172,6 +177,7 @@ outputs:
             octavia::keystone::authtoken::project_domain_name: 'Default'
             octavia::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             octavia::keystone::authtoken::interface: 'internal'
+            octavia::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             octavia::policy::policies: {get_param: OctaviaApiPolicies}
             octavia::worker::manage_nova_flavor: {get_param: OctaviaManageNovaFlavor}
             octavia::worker::nova_flavor_config: {get_param: OctaviaFlavorProperties}

deployment/placement/placement-api-container-puppet.yaml

@@ -83,6 +83,11 @@ parameters:
     type: boolean
     default: false
     description: Set to True to enable debugging on all services.
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   placement_workers_zero: {equals : [{get_param: PlacementWorkers}, 0]}
@@ -142,6 +147,7 @@ outputs:
             placement::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             placement::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             placement::keystone::authtoken::interface: 'internal'
+            placement::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             placement::wsgi::apache::api_port: '8778'
             placement::wsgi::apache::ssl: {get_param: EnableInternalTLS}
             # NOTE: bind IP is found in hiera replacing the network name with the local node IP

deployment/zaqar/zaqar-container-puppet.yaml

@@ -90,6 +90,11 @@ parameters:
     description: The password for the redis service account.
     type: string
     hidden: true
+  MemcacheUseAdvancedPool:
+    type: boolean
+    description: |
+      Use the advanced (eventlet safe) memcached client pool.
+    default: true
 
 conditions:
   internal_tls_enabled: {get_param: EnableInternalTLS}
@@ -160,6 +165,7 @@ outputs:
             zaqar::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
             zaqar::keystone::authtoken::region_name: {get_param: KeystoneRegion}
             zaqar::keystone::authtoken::interface: 'internal'
+            zaqar::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
             zaqar::keystone::trust::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
             zaqar::logging::debug:
               if:

releasenotes/notes/memcache_use_advanced_pool-41ca18221e60c05a.yaml

@@ -0,0 +1,7 @@
+---
+features:
+  - |
+    The new ``MemcacheUseAdvancedPool`` parameter is added which enables usage
+    of advanced poll for memcached connections in keystone middleware. This
+    parameter is set to ``true`` by default to avoind bursting connections
+    in some services like neutron.