KeyError 'options' while doing zero downtime upgrade from N to O

Are you able to pin-point which keystone server is throwing the error? Is it coming from keystone node running the newton code or the ocata code?

After taking a closer look at the trace, it looks like the error is coming from a node that is running Ocata [0] since the code in the trace doesn't exist in Newton.

Can you confirm that `keystone-manage db_sync --expand` and `keystone-manage db_sync --migrate` have been run before the Ocata code is actually being run? It looks like the reference returned from the database doesn't actually have the `options` field, so I'm wondering if the migrations were done in order to run Ocata code.

[0] https://github.com/openstack/keystone/blob/stable/ocata/keystone/auth/core.py#L377

Targeting this to Pike until I can recreate.

Marked as incomplete, we need more information on what the deployer is doing / if migrations are run / etc.

[Expired for OpenStack Identity (keystone) because there has been no activity for 60 days.]

I have just done the N -> O upgrade and have seen this error.

We have done the expand and migrate db syncs.

We have 3 newton keystones and when I added an ocata one I saw this issue on the ocata one.

Its happening on a POST to /v3/auth/tokens and is affecting about 3% of requests (we have around 10 requests per second on our keystone)

Happy to provide more information.

Currently I have rolled back but am thinking this might just be an issue during the transition so could bite the bullet and do it quickly.

OK I figured out the issue, it was due to cached tokens. Need to invalidate the cache.

Hi Sam, soon after I reported this bug, my colleague found the root cause in our environment. We stopped using memcached server and this somehow fixed our problem. I have no idea why this could fix it. But you may want to give it a try first. Hope this helps.

luo-lujin, depending on your configuration, memcache might be caching tokens. Meaning you'd be hitting the same issue Sam hit in comment #7.