[openstack-dev] [all] [clients] [keystone] lack of retrying tokens leads to overall OpenStack fragility
Angus Lees
gus at inodes.org
Thu Sep 18 01:36:01 UTC 2014
On Wed, 17 Sep 2014 04:53:28 PM Duncan Thomas wrote:
> On 16 September 2014 01:28, Nathan Kinder <nkinder at redhat.com> wrote:
> > The idea would be to leave normal tokens with a smaller validity period
> > (like the current default of an hour), but also allow one-time use
> > tokens to be requested.
>
> Cinder backup makes many requests to swift during a backup, one per
> chunk to be uploaded plus one or more for the metadata file.
Right, and what if the HTTP connection times out and needs to be retried. Can
I reuse my "single use" token?
Also: single-use tokens scale badly since they need a strongly consistent
validation point that in normal use requires frequent writes.
--
- Gus
More information about the OpenStack-dev
mailing list