[openstack-dev] [Nova] too many tokens
Matt Riedemann
mriedem at us.ibm.com
Wed Jul 3 20:18:48 UTC 2013
For some history, there was an attempt at consolidating some of this here:
https://github.com/openstack/nova/commit/dd9c27f999221001bae9faa03571645824d2a681
But that caused some issues and was reverted here:
https://github.com/openstack/nova/commit/ee5d9ae8d376e41e852b06488e922400cf69b4ac
Thanks,
MATT RIEDEMANN
Advisory Software Engineer
Cloud Solutions and OpenStack Development
Phone: 1-507-253-7622 | Mobile: 1-507-990-1889
E-mail: mriedem at us.ibm.com
3605 Hwy 52 N
Rochester, MN 55901-1407
United States
From: Ala Rezmerita <ala.rezmerita at cloudwatt.com>
To: OpenStack Development Mailing List
<openstack-dev at lists.openstack.org>,
Cc: gongysh at unitedstack.com, hrushikesh.gangur at hp.com
Date: 07/03/2013 11:26 AM
Subject: [openstack-dev] [Nova] too many tokens
Hi everyone,
I have a question regarding too many token generation in nova when using
quantumclient (also related to bug reports
https://bugs.launchpad.net/nova/+bug/1192383 +
https://bugs.launchpad.net/nova-project/+bug/1191159)
For instance during the periodic task heal_instance_info_cache (every
60s) nova calls quantum API method get_instance_nw_info that calls
_build_network_info_model (backtrace at the end of the mail).
During the execution of this method, 4 quantum clients intances are
created (all of them use the same context object) and for each of them a
new token is generated.
Is it possible to change this behavior by updating the context.auth_token
property the first time a quantumclient for a given context is created (so
that the same token will be reused among the 4 client instances) ? Is
there some security issue that can appear?
Thanks
Ala Rezmerita
Cloudwatt
The backtrace :
/usr/local/lib/python2.7/dist-packages/eventlet/greenthread.py(194)main()
-> result = function(*args, **kwargs)
/opt/stack/nova/nova/openstack/common/loopingcall.py(125)_inner()
-> idle = self.f(*self.args, **self.kw)
/opt/stack/nova/nova/service.py(283)periodic_tasks()
-> return self.manager.periodic_tasks(ctxt, raise_on_error=raise_on_error)
/opt/stack/nova/nova/manager.py(100)periodic_tasks()
-> return self.run_periodic_tasks(context, raise_on_error=raise_on_error)
/opt/stack/nova/nova/openstack/common/periodic_task.py(179)run_periodic_tasks()
-> task(self, context)
/opt/stack/nova/nova/compute/manager.py(3654)_heal_instance_info_cache()
-> self._get_instance_nw_info(context, instance)
/opt/stack/nova/nova/compute/manager.py(767)_get_instance_nw_info()
-> instance, conductor_api=self.conductor_api)
/opt/stack/nova/nova/network/quantumv2/api.py(367)get_instance_nw_info()
-> result = self._get_instance_nw_info(context, instance, networks)
/opt/stack/nova/nova/network/quantumv2/api.py(375)_get_instance_nw_info()
-> nw_info = self._build_network_info_model(context, instance, networks)
/opt/stack/nova/nova/network/quantumv2/api.py(840)_build_network_info_model()
-> client = quantumv2.get_client(context, admin=True)
> /opt/stack/nova/nova/network/quantumv2/__init__.py(67)get_client()
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130703/a27a75df/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1851 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20130703/a27a75df/attachment.gif>
More information about the OpenStack-dev
mailing list