changing telemetry_secret key results in loss of messages in message queue
Bug #1760669 reported by
Abhishek Sharma M
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ceilometer |
New
|
Undecided
|
Unassigned |
Bug Description
telemetry_secret holds a secret password/key and is present under [publisher] section of ceilometer.conf file. This telemetry_secret is used to sign ceilometer messages which flow through a messaging queue. When we change this secret key, the messages already present in the message queue which were signed by the previous telemetry_secret cannot be validated/unsigned by ceilometer and they will be lost.
Many customers of openstack would want this functionality where in telemetry_secret gets changed every few months for security reasons & in those cases the messages in message queue should not be lost.
To post a comment you must log in.