9e54b29c4f
Service token will be passed along with user token to communicate with services when dealing with long running tasks like live migration. This change addresses adding service_token to the request when nova requests cinder session to interact with cinder. Change-Id: I51eb0a8937fa39a2e5dafb1ad915e7113ea61f72 Implements: blueprint use-service-tokens
15 lines
801 B
YAML
15 lines
801 B
YAML
---
|
|
features:
|
|
- Added support for Keystone middleware feature where if service token is
|
|
sent along with the user token, then it will ignore the expiration of user
|
|
token. This helps deal with issues of user tokens expiring during long
|
|
running operations, such as live-migration where nova tries to access
|
|
Cinder at the end of the operation using the user token that has expired.
|
|
In order to use this functionality a service user needs to be created.
|
|
Add service user configurations in ``nova.conf`` under
|
|
``service_user`` group and set ``send_service_user_token`` flag to
|
|
``True``. The minimum Keytone API version 3.8 and Keystone middleware
|
|
version 4.12.0 is required to use this functionality.
|
|
This only currently works with nova - cinder API interactions.
|
|
|