[openstack-dev] [all][keystone] Increase of USER_ID length maximum from 64 to 255

Vishvananda Ishaya vishvananda at gmail.com
Tue Mar 4 18:38:56 UTC 2014

On Mar 3, 2014, at 11:32 AM, Jay Pipes <jaypipes at gmail.com> wrote:

> On Mon, 2014-03-03 at 11:09 -0800, Vishvananda Ishaya wrote:
>> On Mar 3, 2014, at 6:48 AM, Jay Pipes <jaypipes at gmail.com> wrote:
>>> On Sun, 2014-03-02 at 12:05 -0800, Morgan Fainberg wrote:
>>>> Having done some work with MySQL (specifically around similar data
>>>> sets) and discussing the changes with some former coworkers (MySQL
>>>> experts) I am inclined to believe the move from varchar  to binary
>>>> absolutely would increase performance like this.
>>>> However, I would like to get some real benchmarks around it and if it
>>>> really makes a difference we should get a smart "UUID" type into the
>>>> common SQLlibs (can pgsql see a similar benefit? Db2?) I think this
>>>> conversation. Should be split off from the keystone one at hand - I
>>>> don't want valuable information / discussions to get lost.
>>> No disagreement on either point. However, this should be done after the
>>> standardization to a UUID user_id in Keystone, as a separate performance
>>> improvement patch. Agree?
>>> Best,
>>> -jay
>> -1
>> The expectation in other projects has been that project_ids and user_ids are opaque strings. I need to see more clear benefit to enforcing stricter typing on these, because I think it might break a lot of things.
> What does Nova lose here? The proposal is to have Keystone's user_id
> values be UUIDs all the time. There would be a migration or helper
> script against Nova's database that would change all non-UUID user_id
> values to the Keystone UUID values.

So I don’t have a problem with keystone internally using uuids, but forcing
a migration of user identifiers isn’t something that should be taken lightly.
One example is external logging and billing systems which now have to be

I’m not opposed to the migration in principle. We may have to do a similar
thing for project_ids with hierarchical multitenancy, for example. I just
think we need a really good reason to do it, and the performance arguments
just don’t seem good enough without a little empirical data.


> If there's stuff in Nova that would break (which is doubtful,
> considering like you say, these are supposed to be "opaque values" and
> as such should not have any restrictions or validation on their value),
> then that is code in Nova that should be fixed.
> Honestly, we shouldn't accept poor or loose code just because "stuff
> might break".
> -jay
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140304/35f41924/attachment.pgp>

More information about the OpenStack-dev mailing list