Comment 2 for bug 1401437

The code mentioned has been replaced. Looking at master calling client looks like:

    return cinder_client.Client(version,
                                session=_SESSION,
                                auth=auth,
                                endpoint_override=endpoint_override,
                                connect_retries=CONF.cinder.http_retries,
                                **service_parameters)

The auth plugin specified by auth knows that it got this from a user token and will not attempt to reauthenticate.

Similarly for problem 2, the auth plugin sorts this out, there is a token within the plugin that is used for requests. This negates the need for all those horrible cinderclient context hacks.

Retries are a known problem throughout all of OpenStack, however we can't pass a user_id and password to cinder from nova because this is the user's data - and nova never knows the user's password.