From 0fc512e0fe986798985b55a58f5432b67e86b49d Mon Sep 17 00:00:00 2001
From: Sam Yaple <sam@yaple.net>
Date: Sat, 19 Aug 2017 18:07:07 +0000
Subject: [PATCH] Revert "Update Keystone haproxy config to balance based on
 source ip"

This reverts commit 91321ac8ff342ad8276c6874f85b7ad3a823a444.

The reasoning given in this commit is incorrect. Keystone/oslo.cache
uses memcached hosts based on a hashing of the key to determine which
memcached host to check. If you have different configured memcached
servers per keystone deployment you have a mis-configured deployment.

Any RESTapi should be capable of roundrobin load-balancing. I am not
familiar with the Murano case with uploading a package, but this change
also does not address Murano at all.

As far as Horizon goes, that hasn't had a problem with shared backends
since the beginning because we use memcached servers with a shared
secret key [1].

All this change has done is lowered the efficiency of loadbalancing
keystone.

[1] https://github.com/openstack/kolla-ansible/blob/master/ansible/roles/horizon/templates/local_settings.j2#L149

Change-Id: Ic0b550e7c96d67c39153933b527ab3edf7d90f27
---
 ansible/roles/haproxy/templates/haproxy.cfg.j2 | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/ansible/roles/haproxy/templates/haproxy.cfg.j2 b/ansible/roles/haproxy/templates/haproxy.cfg.j2
index bec8ce3b80..680a2220a2 100644
--- a/ansible/roles/haproxy/templates/haproxy.cfg.j2
+++ b/ansible/roles/haproxy/templates/haproxy.cfg.j2
@@ -57,7 +57,6 @@ listen mongodb
 {% if enable_keystone | bool %}
 listen keystone_internal
   bind {{ kolla_internal_vip_address }}:{{ keystone_public_port }}
-  balance source
   http-request del-header X-Forwarded-Proto if { ssl_fc }
 {% for host in groups['keystone'] %}
   server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ keystone_public_port }} check inter 2000 rise 2 fall 5
@@ -66,7 +65,6 @@ listen keystone_internal
 
 listen keystone_external
   bind {{ kolla_external_vip_address }}:{{ keystone_public_port }} {{ tls_bind_info }}
-  balance source
   http-request del-header X-Forwarded-Proto if { ssl_fc }
   http-request set-header X-Forwarded-Proto https if { ssl_fc }
 {% for host in groups['keystone'] %}
@@ -76,7 +74,6 @@ listen keystone_external
 
 listen keystone_admin
   bind {{ kolla_internal_vip_address }}:{{ keystone_admin_port }}
-  balance source
   http-request del-header X-Forwarded-Proto if { ssl_fc }
 {% for host in groups['keystone'] %}
   server {{ hostvars[host]['ansible_hostname'] }} {{ hostvars[host]['ansible_' + hostvars[host]['api_interface']]['ipv4']['address'] }}:{{ keystone_admin_port }} check inter 2000 rise 2 fall 5