ACTUAL BEHAVIOR: I have a 14 compute nodes environment with a separate compute controller. With system being idle, i see quantum modules (OVS plugin used here) are requesting to many tokens (approx 2/sec). In a day, it piles up to 150,000 tokens. This behavior adds chattiness and slower performance on the entire OpenStack module's keystone authentication/authorization process. Here is the dump of the count just for a day's run:
select user_id, count(*) from token group by user_id
"2efad4b253f64b4dae65a28f45438d93";10341 <-- admin user
"a1fa17a31a4246518ab3acbf04ff448a";114769 <--quantum user
EXPECTED BEHAVIOR: Though the expiration of the tokens are set for 24 hrs, the quantum is requesting new tokens now n then. Either a missing configuration or code issue that must be causing this.
here is how api-paste.ini looks like under /etc/quantum
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = 192.168.123.12
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = quantum
admin_password = service_pass
HOW-TO-REPRODUCE:
Install openstack using https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/blob/OVS_MultiNode/OpenStack_Grizzly_Install_Guide.rst
Keep the system idle. Note that the count of token being issue is proportional to no. of compute nodes you have.
--attached conf files
--keystone and quantum logs (from compute, controller+network node)
I agree. I think this issue should be solved in the python-
https:/