Comment 0 for bug 1947010

Charmed OpenStack doesn't set an explicit KeepAliveTimeout for OpenStack API and dashboard services, and the default value of KeepAliveTimeout in Apache2 is used which is 5 seconds.

When clients (including OpenStack services themselves talking to other services) open a session using keystoneauth1.session.Session. It tries to use a connection pool and respect HTTP Keep alive timeout. However, due to the suboptimal KeepAliveTimeout on the server side, clients have to re-establish TCP connections whenever an interval of two requests is more than 5 seconds.

I've seen a lot of not-normally terminated sessions ("CD" status) at haproxy in front of apache2. And it's because of the connection reset from the client side due to an expiration of Keep alive timeout.

> CD The client unexpectedly aborted during data transfer. This can be
> caused by a browser crash, by an intermediate equipment between the
> client and haproxy which decided to actively break the connection,
> by network routing issues between the client and haproxy, or by a
> keep-alive session between the server and the client terminated first
> by the client.

By increasing the KeepAliveTimeout value, we can achieve:
- far less frequent not-normally terminated sessions (haproxy logs will be a lot cleaner)
- TCP connections are properly reused in the session, which keystoneauth1.session.Session was designed for
- avoid intermittent but fatal errors of "Remote end closed connection without response" from occurring