[Openstack-operators] [openstack-operators] Fernet key rotation
Ajay Kalambur (akalambu)
akalambu at cisco.com
Wed Mar 16 21:44:09 UTC 2016
Hi
In a multi node HA deployment for production does key rotate need a keystone process reboot or should we just run the fernet rotate on one node and distribute it without restarting any process
I presume keystone can handle the rotation without a restart?
I also assume this key rotation can happen without a maintenance window
What do folks typically do in production and how often do you rotate keys
Ajay
More information about the OpenStack-operators
mailing list