openstack/placement
Code Issues Proposed changes

Service token is not experimental

Browse Source 
The service token feature is no longer considered experimental.  This
change set rewords the help strings in the service_token conf
accordingly (fixing some typographical issues at the same time).

Change-Id: Ibaf06ff4f19283544de720b0b5f01ddf655b0b46
This commit is contained in:
Eric Fried 2017-11-21 11:20:13 -06:00
parent 16e0d58608
commit 381fb71f3f
1 changed files with 11 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
nova/conf/service_token.py
View File

@ -20,8 +20,8 @@ service_user = cfg.OptGroup(
title = 'Service token authentication type options', title = 'Service token authentication type options',
help = """ help = """
Configuration options for service to service authentication using a service Configuration options for service to service authentication using a service
token. These options allow to send a service token along with the token. These options allow sending a service token along with the user's token
user's token when contacting external REST APIs. when contacting external REST APIs.
""" """
) )
@ -29,19 +29,16 @@ service_user_opts = [
cfg.BoolOpt('send_service_user_token', cfg.BoolOpt('send_service_user_token',
default=False, default=False,
help=""" help="""
When True, if sending a user token to an REST API, also send a service token. When True, if sending a user token to a REST API, also send a service token.
Nova often reuses the user token provided to the nova-api to talk to other Nova often reuses the user token provided to the nova-api to talk to other REST
REST APIs, such as Cinder, Glance and Neutron. It is possible that while the APIs, such as Cinder, Glance and Neutron. It is possible that while the user
user token was valid when the request was made to Nova, the token may expire token was valid when the request was made to Nova, the token may expire before
before it reaches the other service. To avoid any failures, and to it reaches the other service. To avoid any failures, and to make it clear it is
make it clear it is Nova calling the service on the users behalf, we include Nova calling the service on the user's behalf, we include a service token along
a server token along with the user token. Should the user's token have with the user token. Should the user's token have expired, a valid service
expired, a valid service token ensures the REST API request will still be token ensures the REST API request will still be accepted by the keystone
accepted by the keystone middleware. middleware.
This feature is currently experimental, and as such is turned off by default
while full testing and performance tuning of this feature is completed.
"""), """),
] ]