Hi all, I want to backport the fix for the "Token List in Memcache can consume an entire memcache page" bug[1] to Grizzly, but I had a couple of questions:
1. Why do we need to store the entire token data in the usertoken-<userid> key? This data always seems to be hashed before indexing into the 'token-<tokenid>' keys anyway. The size of the memcache data for a user's token list currently grows by 4k every time a new PKI token is created. It doesn't take long to hit 1MB at this rate even with the above fix. 2. Every time it creates a new token, Keystone loads each token from the user's token list with a separate memcache call so it can throw it away if it's expired. This seems excessive. Is it anything to worry about? If it just checked the first two tokens you'd get the same effect on a longer time scale. I guess part of the answer is to decrease our token expiry time, which should mitigate both issues. Failing that we'd consider moving to the SQL backend. Cheers, Kieran [1] https://bugs.launchpad.net/keystone/+bug/1171985 _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
