[Keystone] Managing keystone tokens in high availability environment

Taha Adel eng.taha1928 at gmail.com
Wed Apr 7 17:17:10 UTC 2021


Hello Engineers and Developers,

I'm currently deploying a three-node OpenStack controller cluster,
controller-01, controller-02, and controller-03. I have installed the
keystone service on the three controllers and generated fernet keys on one
node and distributed the keys to the other nodes of the cluster. Hence, I
have configured an HAProxy in front of them that would distribute the
incoming requests over them.

The issue is, when I try to access the keystone endpoint using the VIP
of the load balancer, the service works ONLY on the node that I have
generated the keys on, and it doesn't work on the nodes that got the keys
by distribution. The error message I have got is *"INTERNAL SERVER ERROR
(500)"*.

In other words, the node that had the *keystone-manage fernet_setup* command
run on it can run the service properly, but the others can't.

Is the way of replicating the key incorrect? Is there any other way?

Thanks in advance
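
The following is an added example, not part of the original post or of Keystone itself: a check to run on each controller after copying Fernet keys, reporting a repository fingerprint to compare across nodes plus any key file that is malformed, too widely readable, or not owned by the expected uid. The function name `audit_key_repo` and the `expected_uid` parameter are hypothetical; the path is Keystone's default `key_repository` and is assumed unchanged.

```python
import base64
import hashlib
import os
import stat
import sys

# Assumption: Keystone's default [fernet_tokens] key_repository is in use.
DEFAULT_REPO = "/etc/keystone/fernet-keys"


def audit_key_repo(path, expected_uid=None):
    """Return (fingerprint, problems) for one Fernet key repository.

    The fingerprint covers key file names and contents without revealing
    key material; it should be identical on every controller.
    """
    problems, digest, seen = [], hashlib.sha256(), 0
    for name in sorted(os.listdir(path)):
        full = os.path.join(path, name)
        if not name.isdigit():  # key files are named by integer index
            problems.append(f"{name}: unexpected file in key repository")
            continue
        seen += 1
        st = os.stat(full)
        mode = stat.S_IMODE(st.st_mode)
        if mode & 0o077:
            problems.append(f"{name}: mode {mode:o} exposes the key to group/other")
        if expected_uid is not None and st.st_uid != expected_uid:
            problems.append(f"{name}: owned by uid {st.st_uid}, expected {expected_uid}")
        with open(full, "rb") as fh:
            data = fh.read().strip()
        try:
            if len(base64.urlsafe_b64decode(data)) != 32:
                raise ValueError("wrong length")
        except ValueError:
            problems.append(f"{name}: not a 32-byte url-safe base64 Fernet key")
        digest.update(name.encode() + b"\0" + hashlib.sha256(data).digest())
    if seen == 0:
        problems.append("no key files found")
    return digest.hexdigest(), problems


if __name__ == "__main__":
    repo = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_REPO
    fingerprint, issues = audit_key_repo(repo)
    print(f"{repo} fingerprint {fingerprint}")
    for issue in issues:
        print(f"  PROBLEM {issue}")
    sys.exit(1 if issues else 0)
```

Run it with enough privilege to read the key files; a fingerprint that differs between controllers means the repositories are out of sync.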