memcached cache not get expired

Bug #1901124 reported by norman shen
This bug affects 3 people
Affects Status Importance Assigned to Milestone
OpenStack Identity (keystone)

Bug Description

We are using openstack rocky and we I check the memcached, I found

root@compute:~# telnet compute 11211
Connected to compute.
Escape character is '^]'.
stats cachedump 15 1
ITEM c9067b617ec1e6e7f78318c19e7ce2c7f4f9dcd6 [2034 b; 0 s]

expiration time not setup for the keys. even I set all of the cache_time options, it still not get changed.

password_hash_rounds = 4
driver = sql

driver = sql

cache_time = 300

driver = sql
cache_time = 300

driver = sql
cache_time = 300

cache_time = 300

expiration_time = 300

memcache_servers = compute:11211
backend = dogpile.cache.memcached
enabled = true
expiration_time = 300
cache_time = 300

transport_url = rabbit://stackrabbit:secret@

max_token_size = 16384
debug = True
logging_exception_prefix = ERROR %(name)s %(instance)s
logging_default_format_string = %(color)s%(levelname)s %(name)s [-%(color)s] %(instance)s%(color)s%(message)s
logging_context_format_string = %(color)s%(levelname)s %(name)s [%(global_request_id)s %(request_id)s %(project_name)s %(user_name)s%(color)s] %(instance)s%(color)s%(message)s
logging_debug_format_suffix = {{(pid=%(process)d) %(funcName)s %(pathname)s:%(lineno)d}}
admin_endpoint =
public_endpoint =

provider = fernet
cache_time = 300

connection = mysql+pymysql://root:secret@

key_repository = /etc/keystone/fernet-keys/

key_repository = /etc/keystone/credential-keys/

unique_last_password_count = 2
lockout_duration = 10
lockout_failure_attempts = 2

cache_time = 300

Revision history for this message
norman shen (jshen28) wrote :

By looking at dogpile, seems adding backend_argument = memcached_expire_time:3600 under [cache] solves the problem, is it expected behavior?

Revision history for this message (gujun1989) wrote :

I found the same issue with you. The solution you provide can solve the issue, but keystone maybe need to optimize the configurations to solve the issue completely.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.