596e8de5eb
Service token will be passed along with user token to communicate with services when dealing with long running tasks like live migration. This change addresses adding service_token to the request when nova requests neutron session. Implements: blueprint use-service-tokens Change-Id: I5e6d6dfeda3673d38bab0bc692c50ca74eb90fc1
15 lines
835 B
YAML
15 lines
835 B
YAML
---
|
|
features:
|
|
- Added support for Keystone middleware feature where if service token is
|
|
sent along with the user token, then it will ignore the expiration of user
|
|
token. This helps deal with issues of user tokens expiring during long
|
|
running operations, such as live-migration where nova tries to access
|
|
Cinder and Neutron at the end of the operation using the user token that
|
|
has expired. In order to use this functionality a service user needs to
|
|
be created. Add service user configurations in ``nova.conf`` under
|
|
``service_user`` group and set ``send_service_user_token`` flag to
|
|
``True``. The minimum Keytone API version 3.8 and Keystone middleware
|
|
version 4.12.0 is required to use this functionality.
|
|
This only currently works with Nova - Cinder and Nova - Neutron API
|
|
interactions.
|