Open Stack

On 09/29/2014 12:12 PM, Jay Pipes wrote:
> Hey Stackers,
>
> So, I had a thought this morning (uh-oh, I know...).
>
> What if we wrote a token driver in Keystone that uses Swift for 
> backend storage?
>
> I have long been an advocate of the memcache token driver versus the 
> SQL driver for performance reasons. However, the problem with the 
> memcache token driver is that if you want to run multiple OpenStack 
> regions, you could share the identity data in Keystone using 
> replicated database technology (mysql galera/PXC, pgpool II, or even 
> standard mysql master/slave), but each region needs to have its own 
> memcache service for tokens. This means that tokens are not shared 
> across regions, which means that users have to log in separately to 
> each region's dashboard.
>
> I personally considered this a tradeoff worth accepting. But then, 
> today, I thought... what about storing tokens in a 
> globally-distributed Swift cluster? That would take care of the 
> replication needs automatically, since Swift would do the needful. 
> And, add to that, Swift was designed for storing lots of small 
> objects, which tokens are...
>
> Thoughts? I think it would be a cool dogfooding effort if nothing 
> else, and give users yet another choice in how they handle 
> multi-region tokens.

Um...I hate all persisted tokens.  This takes them to a new level of 
badness.

Do we really need this?



>
> Best,
> -jay
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev