[Openstack-operators] Keystone /w PKI
Linux Datacenter
linuxdatacenter at gmail.com
Wed Oct 10 11:27:21 UTC 2012
Hi,
I am just trying to set up keystone in Folsom using the PKI mechanism:
http://wiki.openstack.org/PKI
To my understanding - this mechanism gets rid of the token revalidation
calls from openstack compnents to keystone.
I successfully enabled PKI in keystone conf and can get encrypted tokens
with keystone token-get.
Also nova, glance, quantum seem to work fine with these tokens.
However, each time I make a call to any API server (e.g. nova, glance), I
keep seeing the following in the output of keystone:
(eventlet.wsgi.server): 2012-10-10 02:31:14,926 DEBUG wsgi write 127.0.0.1
- - [10/Oct/2012 02:31:14] "POST /v2.0/tokens HTTP/1.1" 200 7318 0.549131
which indicates that API services still try to hog keystone (?)
Is it a normal behavior or should I adjust my pipelines in api-paste files
for the API services?
Thanks,
-Piotr
--
checkout my blog on linux clusters:
-- linuxdatacenter.blogspot.com --
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20121010/aed28f44/attachment-0001.html>
More information about the OpenStack-operators
mailing list