[Openstack-operators] Keystone token HA

Curtis serverascode at gmail.com
Fri Dec 18 17:02:20 UTC 2015 

On Fri, Dec 18, 2015 at 9:55 AM, Bajin, Joseph <jbajin at verisign.com> wrote:
> That was me..
>
> We are using McRouter which then speaks to memcached to talk to all the
> memcache servers that you have up and running. It keeps track of what is up
> and down so it knows where to send traffic.  You can get pretty complicated
> with it and we have started to do more complex operations such as warming up
> cache’s, going across regions to look in that cache for things like tokens,
> and a few others.
>
> To start off, you can simple use this configuration [1] which will get you
> the latest token and update/delete/create to the fastest location.
>
> I’ve started to write a small blog post about it, but I haven’t finished out
> the pictures yet.

That's great, looking forward to the post. :)

I didn't have much time to experiment, but I did find in my limited
testing that it was a bit slower than I thought it would be to have
mcrouter in place. But as you say it's very configurable and perhaps I
was using a poor config. If you have any performance information to
share in the post that'd be great too.

Thanks,
Curtis.

>
> Let me know if you have questions though.  I’m happy to share more
> information.
>
> —Joe
>
> [1] https://gist.github.com/RaginBajin/0339436c17e814e16e99
>
> From: Pedro Sousa <pgsousa at gmail.com>
> Date: Friday, December 18, 2015 at 7:36 AM
> To: "Ajay Kalambur (akalambu)" <akalambu at cisco.com>
> Cc: "openstack-operators at lists.openstack.org"
> <openstack-operators at lists.openstack.org>
> Subject: Re: [Openstack-operators] Keystone token HA
>
> Hi Ajay,
>
> someone in this mailing list mentioned mcrouter + memcached to achieve that,
> I'm also looking to test it soon on my lab.
>
> Regards,
> Pedro Sousa
>
> On Fri, Dec 18, 2015 at 6:48 AM, Ajay Kalambur (akalambu)
> <akalambu at cisco.com> wrote:
>>
>> Hi
>> If we deploy Keystone using memcached as token backend we see that
>> bringing down 1 of 3 memcache servers results in some tokens getting
>> invalidated. Does memcached not support replication of tokens
>> So if we wanted HA w.r.t keystone tokens should we use SQL backend for
>> tokens?
>>
>> Ajay
>>
>>
>> _______________________________________________
>> OpenStack-operators mailing list
>> OpenStack-operators at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>
>
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>



-- 
Blog: serverascode.com

More information about the OpenStack-operators mailing list