)]}'
{"deployment/keystone/keystone-container-puppet.yaml":[{"author":{"_account_id":8833,"name":"Rabi Mishra","email":"ramishra@redhat.com","username":"rabi"},"change_message_id":"ce7c599f66b75fdf17b4e5fb2177d657f9beafab","unresolved":false,"context_lines":[{"line_number":422,"context_line":"            keystone::bootstrap::service_project_name: \u0027service\u0027"},{"line_number":423,"context_line":"            keystone::roles::admin::admin_tenant: \u0027admin\u0027"},{"line_number":424,"context_line":"            keystone::bootstrap::project_name: \u0027admin\u0027"},{"line_number":425,"context_line":"            keystone::cache_enabled: true"},{"line_number":426,"context_line":"            keystone::cache_backend: \u0027dogpile.cache.memcached\u0027"},{"line_number":427,"context_line":"            keystone::config::keystone_config:"},{"line_number":428,"context_line":"              ec2/driver:"},{"line_number":429,"context_line":"                value: \u0027keystone.contrib.ec2.backends.sql.Ec2\u0027"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"df33271e_9f080ada","line":426,"range":{"start_line":425,"start_character":0,"end_line":426,"end_character":62},"updated":"2020-04-06 11:17:39.000000000","message":"As I mentioned earlier too, __this assumes__ that memcached service is available wherever keystone is deployed. \n\nProbably not true right? We probably have to ensure that some way if we go with this assumption.","commit_id":"74ca6233d67052edc93a4ec8df958c4fd69b2e34"},{"author":{"_account_id":9816,"name":"Takashi Kajinami","email":"kajinamit@oss.nttdata.com","username":"kajinamit"},"change_message_id":"c78e4386fff4c4da9c2a0d6b5513360e44c37974","unresolved":false,"context_lines":[{"line_number":422,"context_line":"            keystone::bootstrap::service_project_name: \u0027service\u0027"},{"line_number":423,"context_line":"            keystone::roles::admin::admin_tenant: \u0027admin\u0027"},{"line_number":424,"context_line":"            keystone::bootstrap::project_name: \u0027admin\u0027"},{"line_number":425,"context_line":"            keystone::cache_enabled: true"},{"line_number":426,"context_line":"            keystone::cache_backend: \u0027dogpile.cache.memcached\u0027"},{"line_number":427,"context_line":"            keystone::config::keystone_config:"},{"line_number":428,"context_line":"              ec2/driver:"},{"line_number":429,"context_line":"                value: \u0027keystone.contrib.ec2.backends.sql.Ec2\u0027"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"3f4c43b2_91775f3b","line":426,"range":{"start_line":425,"start_character":0,"end_line":426,"end_character":62},"in_reply_to":"3f4c43b2_608f63cc","updated":"2020-04-14 15:54:03.000000000","message":"I understood your point but I believe there doesn\u0027t exist such kind of dependency validation TripleO now.\nFor example operators can disable swift by Set None for all swift resources, glance tries to swift as its backend unless they explicitly change its backend.\nSo IMO operators should update template parameters \"correctly\" according to their deployment pattern if they want to change deployed resources.\n\nIf deployment without memcached is actually required, how about adding an example template, which disables memcached and sets required parameters to disable memcached usage ?\nI initially thought to implement some parameters to configure caching, but I removed all parameters after getting feedback in heat cache patch[1]\nHowever we might be able to set a simple parameter to disable usage of memcache and can set these parameters in that example template.\n\n [1] https://review.opendev.org/#/c/716967/","commit_id":"74ca6233d67052edc93a4ec8df958c4fd69b2e34"},{"author":{"_account_id":9816,"name":"Takashi Kajinami","email":"kajinamit@oss.nttdata.com","username":"kajinamit"},"change_message_id":"588a79e3fbfcb861f98ccb8592fd70ed0c973584","unresolved":false,"context_lines":[{"line_number":422,"context_line":"            keystone::bootstrap::service_project_name: \u0027service\u0027"},{"line_number":423,"context_line":"            keystone::roles::admin::admin_tenant: \u0027admin\u0027"},{"line_number":424,"context_line":"            keystone::bootstrap::project_name: \u0027admin\u0027"},{"line_number":425,"context_line":"            keystone::cache_enabled: true"},{"line_number":426,"context_line":"            keystone::cache_backend: \u0027dogpile.cache.memcached\u0027"},{"line_number":427,"context_line":"            keystone::config::keystone_config:"},{"line_number":428,"context_line":"              ec2/driver:"},{"line_number":429,"context_line":"                value: \u0027keystone.contrib.ec2.backends.sql.Ec2\u0027"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"df33271e_ffcf9626","line":426,"range":{"start_line":425,"start_character":0,"end_line":426,"end_character":62},"in_reply_to":"df33271e_9f080ada","updated":"2020-04-06 11:43:54.000000000","message":"It is correct this assumes that memcached service is available in the same deployment.\nHowever this doesn\u0027t require memcached run on the same node as keystone, because memcached_ips should be set according to the node where memcached is actually running.\n\nI agree that we can implement a validation to make sure that memcached is enabled and available in the same deployment. However there are several implementation like nova cache[1] or authtoken cache which already assumes that memcached should be available in the deployment without any actual validations, and honestly I doubt the profit of strict validation only in keystone caching.\n\n [1] https://github.com/openstack/puppet-tripleo/blob/master/manifests/profile/base/nova.pp#L132-L136\n\nIn addition, memcached service is enabled by default, and I don\u0027t expect that operators tries to disable memcached for any reason.","commit_id":"74ca6233d67052edc93a4ec8df958c4fd69b2e34"},{"author":{"_account_id":5046,"name":"Lance Bragstad","email":"lbragstad@redhat.com","username":"ldbragst"},"change_message_id":"73f9df244a7b809a549c6660dfc676b5419b3540","unresolved":false,"context_lines":[{"line_number":422,"context_line":"            keystone::bootstrap::service_project_name: \u0027service\u0027"},{"line_number":423,"context_line":"            keystone::roles::admin::admin_tenant: \u0027admin\u0027"},{"line_number":424,"context_line":"            keystone::bootstrap::project_name: \u0027admin\u0027"},{"line_number":425,"context_line":"            keystone::cache_enabled: true"},{"line_number":426,"context_line":"            keystone::cache_backend: \u0027dogpile.cache.memcached\u0027"},{"line_number":427,"context_line":"            keystone::config::keystone_config:"},{"line_number":428,"context_line":"              ec2/driver:"},{"line_number":429,"context_line":"                value: \u0027keystone.contrib.ec2.backends.sql.Ec2\u0027"}],"source_content_type":"text/x-yaml","patch_set":3,"id":"3f4c43b2_608f63cc","line":426,"range":{"start_line":425,"start_character":0,"end_line":426,"end_character":62},"in_reply_to":"df33271e_ffcf9626","updated":"2020-04-14 14:08:57.000000000","message":"Should this be done conditionally if they do attempt to disable memcached?\n\nWith this approach, if an operator disables memcached the keystone configuration is still going to try and connect to something.\n\nYou can probably verify this in the logs if you set debug_cache_backend \u003d True and bump the log level for oslo.cache to DEBUG.\n\nKeystone, and oslo.cache, currently don\u0027t fail if they can\u0027t connect to a defined caching server. You\u0027d see it attempt to pull things out of the cache only to always log a MISS.\n\nI\u0027m wondering if that\u0027s going to be confusing for users if they see caching configured (because it\u0027s not done conditionally) but there isn\u0027t a co-located memcached instance and keystone won\u0027t bark at you if it can\u0027t connect to it.","commit_id":"74ca6233d67052edc93a4ec8df958c4fd69b2e34"}]}