<div dir="ltr"><div>Hi guys,<br><br>I've faced with nova+memcache issue on the cluster in HA-mode.<br><br>Issue is related to nova in case of using REST (that includes Horizon): it's impossible to use auth-token several times because it became unauthorized in cache.<br>
</div><div id="yui_3_10_3_1_1385988284673_176" class="">
<p>Logs:</p>
<p>Nov 13 06:58:49 controller-1461 nova keystoneclient.middleware.auth_token DEBUG Token validation failure.<br>
Traceback (most recent call last):<br>
File "/usr/lib/python2.6/site-packages/keystoneclient/middleware/auth_token.py", line 684, in _validate_u<br>
ser_token<br>
cached = self._cache_get(token_id)<br>
File "/usr/lib/python2.6/site-packages/keystoneclient/middleware/auth_token.py", line 898, in _cache_get<br>
raise InvalidUserToken('Token authorization failed')<br>
InvalidUserToken: Token authorization failed<br>
Nov 13 06:58:49 controller-1461 nova keystoneclient.middleware.auth_token DEBUG Marking token 211b590c4ba94d62a3981fbf91e934dc as unauthorized in memcache</p>
<p>Issue was fixed after the following was added to [keystone_authtoken] section in nova.conf to all controller's nodes:</p>memcache_security_strategy=ENCRYPT<br>memcache_secret_key=any_key<br><br></div><div id="yui_3_10_3_1_1385988284673_176" class="">
But from docs I see that these configs are not required. The issue does not appear with any other services but all of them have memcache_security_strategy empty. So is it a nova-bug or for HA-mode I should configure this params? May the issue be caused by the fact that memcaches are not syncked on controllers? <br>
<br></div><div id="yui_3_10_3_1_1385988284673_176" class="">Thanks,<br></div><div id="yui_3_10_3_1_1385988284673_176" class="">Nadya<br></div><div id="yui_3_10_3_1_1385988284673_176" class=""><br>
</div>
</div>