[Openstack-operators] [openstack-dev] Gaining access to consoles.

Tony Breeds tony at bakeyournoodle.com
Wed Aug 12 02:39:42 UTC 2015


On Tue, Aug 11, 2015 at 08:24:10PM -0600, Matt Fischer wrote:
> It was covered some here:
> http://lists.openstack.org/pipermail/openstack-dev/2015-July/069658.html
> and some graphs here: http://www.mattfischer.com/blog/?p=672
> 
> tl;dr is that having revoked tokens affects keystone token validation and
> tokens are validated on almost every API call unless you're using some
> caching.
> 
> It's not a reason to skip this idea, but its something I'm wary of since I
> get the call whenever Keystone gets slow. Depending on how many revocations
> it generates, I might turn it off. To be honest I'm not sure how much this
> feature is used by our customers.

Thanks.  I *think* we're talking about very different tokens.  Stupid
overloading of jargon :(

The consoleauth token doesn't go near keystone.  I'll double check and get back
to you.

Yours Tony.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20150812/34289b57/attachment.pgp>


More information about the OpenStack-operators mailing list