[Openstack] multi-region design?
t.goto
tomoya.goto at ctc-g.co.jp
Tue Dec 2 06:47:53 UTC 2014
Hello, I'd like to know how you're designing multi-region setup.
I tired with following design and it worked. I could switch regions
without re-authentication.
- (shared) keystone, keystone-DB, memcached for token, horizon
- (each Region) OpenStack set minus keystone/horizon
But those services in each region have to talk to remote keystone for
token-validation.
I don't think this is efficient.
So I placed keystone and memcached for each region to prevent remote
token-validation.
And I replicated keystone database between regions so that users can
switch region without re-authentication.
Now this design doesn't work.
When I shared memcached tokens between regions, it worked.
Did anybody succesfuly designed mult-region setup, with efficient token
use and without re-authentication when region switch?
Thank you.
More information about the Openstack
mailing list