Reviewed: https://review.openstack.org/608963 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=d465a58f02f134086d6322c5b858c056a3aea025 Submitter: Zuul Branch: master
commit d465a58f02f134086d6322c5b858c056a3aea025 Author: Jose Castro Leon <[email protected]> Date: Tue Oct 9 15:11:48 2018 +0200 Add caching on trust role validation to improve performance In the token model, the trust roles are not cached. This behavior impacts services that are using trusts heavily like heat or magnum. It introduces new cache data to improve the performance on token validation requests on trusts. Change-Id: I974907b427c34fd5db3228b6139d93bbcdc38df5 Closes-Bug: #1796887 ** Changed in: keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1796887 Title: Validation of tokens degraded after upgrade to Rocky Status in OpenStack Identity (keystone): Fix Released Bug description: Recently we have upgraded Keystone to the Rocky release and we saw a quite noticiable increase of the response on validation of certain types of tokens. Specifically tokens that are created from trusts. On the new token model (keystone/models/token_model.py) that's evaluated several times during token validation, the call to retrieve the roles from the trust is retrieving the information directly from the DB with no caching whatsoever. On other operations of the token_model, this information is only requested once, and then cached for following operations. Since we are using heat and magnum, that are heavily using trusts, we were impacted by this change of validation response. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1796887/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
