Add support for keystone_authtoken/memcache_use_advanced_pool
This change introduces a single parameter, MemcacheUseAdvancedPool, to enable usage of advanced connection pool in keystone middleware. This is useful to avoid bursting connection to memcached. Note that the default value of memcached_use_advanced_pool was changed from false to true during Xena cycle[1], so this parameter is no longer required in master. However the change in keystonemiddleware will never be backported. This change is created so that we can switch to advanced pool even in older releases. [1] https://review.opendev.org/c/openstack/keystonemiddleware/+/773939 (To Victoria) Conflicts: deployment/aodh/aodh-api-container-puppet.yaml deployment/glance/glance-api-container-puppet.yaml deployment/gnocchi/gnocchi-api-container-puppet.yaml deployment/manila/manila-api-container-puppet.yaml deployment/nova/nova-api-container-puppet.yaml Closes-Bug: #1931047 Change-Id: I2887249af44ccfdae1592dd9120d3366fa059876 (cherry picked from commit09bcacd25a
) (cherry picked from commit9a89b9add6
)
This commit is contained in:
parent
52f26b6fb9
commit
89fde273ea
|
@ -61,6 +61,11 @@ parameters:
|
|||
type: string
|
||||
default: 'noop'
|
||||
description: Driver or drivers to handle sending notifications.
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
service_debug_unset: {equals : [{get_param: AodhDebug}, '']}
|
||||
|
@ -108,6 +113,7 @@ outputs:
|
|||
aodh::keystone::authtoken::auth_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
|
||||
aodh::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
aodh::keystone::authtoken::interface: 'internal'
|
||||
aodh::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
aodh::auth::auth_password: {get_param: AodhPassword}
|
||||
aodh::auth::auth_region: {get_param: KeystoneRegion}
|
||||
aodh::auth::auth_project_name: 'service'
|
||||
|
|
|
@ -176,6 +176,11 @@ parameters:
|
|||
description: >
|
||||
Setting this to a unique value will re-run any deployment tasks which
|
||||
perform configuration on a Heat stack-update.
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
service_debug_unset: {equals : [{get_param: BarbicanDebug}, '']}
|
||||
|
@ -259,6 +264,7 @@ outputs:
|
|||
barbican::keystone::authtoken::project_name: 'service'
|
||||
barbican::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
barbican::keystone::authtoken::interface: 'internal'
|
||||
barbican::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
barbican::keystone::notification::enable_keystone_notification: True
|
||||
barbican::keystone::notification::keystone_notification_topic: 'barbican_notifications'
|
||||
barbican::policy::policies: {get_param: BarbicanPolicies}
|
||||
|
|
|
@ -91,6 +91,11 @@ parameters:
|
|||
RootStackName:
|
||||
description: The name of the stack/plan.
|
||||
type: string
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
|
||||
|
@ -187,6 +192,7 @@ outputs:
|
|||
cinder::keystone::authtoken::project_domain_name: 'Default'
|
||||
cinder::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
cinder::keystone::authtoken::interface: 'internal'
|
||||
cinder::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
cinder::policy::policies: {get_param: CinderApiPolicies}
|
||||
cinder::notification_driver: {get_param: NotificationDriver}
|
||||
cinder::api::default_volume_type: {get_param: CinderDefaultVolumeType}
|
||||
|
|
|
@ -62,6 +62,11 @@ parameters:
|
|||
type: number
|
||||
default: 120
|
||||
description: Mistral RPC timeout
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
service_debug_unset: {equals : [{get_param: MistralDebug}, '']}
|
||||
|
@ -108,6 +113,7 @@ outputs:
|
|||
mistral::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
mistral::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
mistral::keystone::authtoken::interface: 'internal'
|
||||
mistral::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
mistral::keystone_ec2_uri:
|
||||
list_join:
|
||||
- ''
|
||||
|
|
|
@ -83,6 +83,11 @@ parameters:
|
|||
A hash of policies to configure for Novajoin.
|
||||
default: {}
|
||||
type: json
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
resources:
|
||||
|
||||
|
@ -135,6 +140,7 @@ outputs:
|
|||
nova::metadata::novajoin::authtoken::project_name: 'service'
|
||||
nova::metadata::novajoin::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
nova::metadata::novajoin::authtoken::interface: 'internal'
|
||||
nova::metadata::novajoin::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
nova::metadata::novajoin::policy::policies: {get_param: NovajoinPolicies}
|
||||
service_config_settings:
|
||||
nova_metadata: &nova_vendordata
|
||||
|
|
|
@ -55,6 +55,11 @@ parameters:
|
|||
description: The password for the neutron service and db account, used by neutron agents.
|
||||
type: string
|
||||
hidden: true
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
designate_workers_zero: {equals : [{get_param: DesignateWorkers}, 0]}
|
||||
|
@ -105,6 +110,7 @@ outputs:
|
|||
designate::keystone::authtoken::password: {get_param: DesignatePassword}
|
||||
designate::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
designate::keystone::authtoken::interface: 'internal'
|
||||
designate::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
tripleo::profile::base::designate::api::listen_ip:
|
||||
str_replace:
|
||||
template:
|
||||
|
|
|
@ -296,6 +296,11 @@ parameters:
|
|||
ContainerGlanceApiConfigImage:
|
||||
description: The container image to use for the glance_api config_volume
|
||||
type: string
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
|
||||
|
@ -438,6 +443,7 @@ outputs:
|
|||
glance::api::authtoken::user_domain_name: 'Default'
|
||||
glance::api::authtoken::project_domain_name: 'Default'
|
||||
glance::api::authtoken::interface: 'internal'
|
||||
glance::api::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
glance::api::pipeline:
|
||||
if:
|
||||
- glance_cache_enabled
|
||||
|
|
|
@ -122,6 +122,11 @@ parameters:
|
|||
default: ''
|
||||
description: Indicate whether this resource may be shared with the domain received in the request
|
||||
"origin" header.
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
cors_allowed_origin_unset: {equals : [{get_param: GnocchiCorsAllowedOrigin}, '']}
|
||||
|
@ -206,6 +211,7 @@ outputs:
|
|||
gnocchi::keystone::authtoken::project_domain_name: 'Default'
|
||||
gnocchi::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
gnocchi::keystone::authtoken::interface: 'internal'
|
||||
gnocchi::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
gnocchi::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||
gnocchi::wsgi::apache::servername:
|
||||
str_replace:
|
||||
|
|
|
@ -140,6 +140,11 @@ parameters:
|
|||
port set with MemcachedPort parameter (above) and on 11211,
|
||||
without TLS.
|
||||
type: boolean
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
service_debug_unset: {equals : [{get_param: HeatDebug}, '']}
|
||||
|
@ -179,6 +184,7 @@ outputs:
|
|||
heat::keystone::authtoken::password: {get_param: HeatPassword}
|
||||
heat::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
heat::keystone::authtoken::interface: 'internal'
|
||||
heat::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
heat::keystone::domain::domain_name: 'heat_stack'
|
||||
heat::keystone::domain::domain_admin: 'heat_stack_domain_admin'
|
||||
heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost'
|
||||
|
|
|
@ -67,6 +67,11 @@ parameters:
|
|||
EnableInternalTLS:
|
||||
type: boolean
|
||||
default: false
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
|
@ -144,6 +149,7 @@ outputs:
|
|||
ironic::api::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
ironic::api::authtoken::region_name: {get_param: KeystoneRegion }
|
||||
ironic::api::authtoken::interface: 'internal'
|
||||
ironic::api::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
# NOTE: bind IP is found in hiera replacing the network name with the
|
||||
# local node IP for the given network; replacement examples
|
||||
# (eg. for internal_api):
|
||||
|
|
|
@ -60,6 +60,11 @@ parameters:
|
|||
When not set, the list is inferred via the storage back end/s
|
||||
enabled.
|
||||
type: comma_delimited_list
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
|
||||
|
@ -139,6 +144,7 @@ outputs:
|
|||
manila::keystone::authtoken::project_domain_name: 'Default'
|
||||
manila::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
manila::keystone::authtoken::interface: 'internal'
|
||||
manila::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
# NOTE: bind IP is found in hiera replacing the network name with the
|
||||
# local node IP for the given network; replacement examples
|
||||
# (eg. for internal_api):
|
||||
|
|
|
@ -173,6 +173,11 @@ parameters:
|
|||
default: ''
|
||||
description: Override the private key size used when creating the
|
||||
certificate for this service
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
# DEPRECATED: the following options are deprecated and are currently maintained
|
||||
# for backwards compatibility. They will be removed in the Ocata cycle.
|
||||
NeutronL3HA:
|
||||
|
@ -309,6 +314,7 @@ outputs:
|
|||
neutron::keystone::authtoken::project_domain_name: 'Default'
|
||||
neutron::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
neutron::keystone::authtoken::interface: 'internal'
|
||||
neutron::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
neutron::quota::quota_port: {get_param: NeutronPortQuota}
|
||||
neutron::quota::quota_security_group: {get_param: NeutronSecurityGroupQuota}
|
||||
neutron::server::placement::region_name: {get_param: KeystoneRegion}
|
||||
|
|
|
@ -105,6 +105,11 @@ parameters:
|
|||
default: 1000
|
||||
description: Max number of objects returned per API query
|
||||
type: number
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
parameter_groups:
|
||||
- label: deprecated
|
||||
|
@ -221,6 +226,7 @@ outputs:
|
|||
nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
nova::keystone::authtoken::interface: 'internal'
|
||||
nova::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
nova::api::max_limit: {get_param: NovaApiMaxLimit}
|
||||
nova::api::enabled: true
|
||||
nova::api::default_floating_pool: {get_param: NovaDefaultFloatingPool}
|
||||
|
|
|
@ -76,6 +76,11 @@ parameters:
|
|||
each Neutron metadata-agent to point to the corresponding nova-metadata API
|
||||
service.
|
||||
type: boolean
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
internal_tls_enabled: {equals: [{get_param: EnableInternalTLS}, true]}
|
||||
|
@ -164,6 +169,7 @@ outputs:
|
|||
nova::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
|
||||
nova::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
nova::keystone::authtoken::interface: 'internal'
|
||||
nova::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
nova::wsgi::apache_metadata::api_port: '8775'
|
||||
nova::wsgi::apache_metadata::ssl: {get_param: EnableInternalTLS}
|
||||
nova::metadata::local_metadata_per_cell: {get_param: NovaLocalMetadataPerCell}
|
||||
|
|
|
@ -90,6 +90,11 @@ parameters:
|
|||
default: true
|
||||
description: Set to false if the driver agent needs to be disabled for some reason.
|
||||
type: boolean
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
|
||||
|
@ -172,6 +177,7 @@ outputs:
|
|||
octavia::keystone::authtoken::project_domain_name: 'Default'
|
||||
octavia::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
octavia::keystone::authtoken::interface: 'internal'
|
||||
octavia::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
octavia::policy::policies: {get_param: OctaviaApiPolicies}
|
||||
octavia::worker::manage_nova_flavor: {get_param: OctaviaManageNovaFlavor}
|
||||
octavia::worker::nova_flavor_config: {get_param: OctaviaFlavorProperties}
|
||||
|
|
|
@ -83,6 +83,11 @@ parameters:
|
|||
type: boolean
|
||||
default: false
|
||||
description: Set to True to enable debugging on all services.
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
placement_workers_zero: {equals : [{get_param: PlacementWorkers}, 0]}
|
||||
|
@ -142,6 +147,7 @@ outputs:
|
|||
placement::keystone::authtoken::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
placement::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
placement::keystone::authtoken::interface: 'internal'
|
||||
placement::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
placement::wsgi::apache::api_port: '8778'
|
||||
placement::wsgi::apache::ssl: {get_param: EnableInternalTLS}
|
||||
# NOTE: bind IP is found in hiera replacing the network name with the local node IP
|
||||
|
|
|
@ -90,6 +90,11 @@ parameters:
|
|||
description: The password for the redis service account.
|
||||
type: string
|
||||
hidden: true
|
||||
MemcacheUseAdvancedPool:
|
||||
type: boolean
|
||||
description: |
|
||||
Use the advanced (eventlet safe) memcached client pool.
|
||||
default: true
|
||||
|
||||
conditions:
|
||||
internal_tls_enabled: {get_param: EnableInternalTLS}
|
||||
|
@ -160,6 +165,7 @@ outputs:
|
|||
zaqar::keystone::authtoken::www_authenticate_uri: {get_param: [EndpointMap, KeystoneInternal, uri]}
|
||||
zaqar::keystone::authtoken::region_name: {get_param: KeystoneRegion}
|
||||
zaqar::keystone::authtoken::interface: 'internal'
|
||||
zaqar::keystone::authtoken::memcache_use_advanced_pool: {get_param: MemcacheUseAdvancedPool}
|
||||
zaqar::keystone::trust::auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
|
||||
zaqar::logging::debug:
|
||||
if:
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
The new ``MemcacheUseAdvancedPool`` parameter is added which enables usage
|
||||
of advanced poll for memcached connections in keystone middleware. This
|
||||
parameter is set to ``true`` by default to avoind bursting connections
|
||||
in some services like neutron.
|
Loading…
Reference in New Issue