[octavia] Help with fix barbican client in octavia when use trust-scoped token
Ришат Азизов
rishat.azizov at gmail.com
Wed Aug 24 11:55:25 UTC 2022
Hello!
I added my logs to storyboard:
https://storyboard.openstack.org/#!/story/2007619
Thanks.
пн, 22 авг. 2022 г. в 02:17, Michael Johnson <johnsomor at gmail.com>:
> Hi,
>
> Can you please attach your traceback to the story?
>
> Michael
>
> On Sat, Aug 20, 2022 at 12:24 PM Dmitriy Rabotyagov
> <noonedeadpunk at gmail.com> wrote:
> >
> > Hey,
> >
> > It's not barbican client and issue, but how Octavia does create token
> out of application credentials.
> >
> > We've also catched that issue and tried to solve it from keystone side
> [1], but seems that code refactoring is required.
> > While proposed workaround for keystone kind of works, I guess it might
> cause more serious security concerns, as basically creating token from
> application credentials token seems to be never supported by keystone.
> >
> > [1] https://bugs.launchpad.net/keystone/+bug/1959674
> >
> >
> > сб, 20 авг. 2022 г., 20:29 Ришат Азизов <rishat.azizov at gmail.com>:
> >>
> >> Hello!
> >>
> >> I have error with terminated https loadbalancer, it described here:
> https://storyboard.openstack.org/#!/story/2007619
> >>
> >> Could you please help with fix for barbican client?
> >> Thank you.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.openstack.org/pipermail/openstack-discuss/attachments/20220824/673b2a72/attachment.htm>
More information about the openstack-discuss
mailing list