commit fafcafa4dfff613fd7e591da9bf68aabbbf2553e
Author: kevin <email address hidden>
Date: Thu Jun 25 21:15:11 2015 -0500
Updated default fernet key usage
This change makes the use of fernet tokens production ready. The changes are
as follows:
* Ensures that the keys are rotated on every playbook execution
* Removes the need to sync keys back to a deployment host when distributing
them to other keystone hosts.
* Creates an autonomous key rotation process that can rotate on the following
intervals [reboot, yearly, annually, monthly, weekly, daily, hourly] to all
hosts from any keystone fernet host.
* Fixes the section in `keystone.conf` which was named "fernet_key" instead
of "fernet_token".
Reviewed: https:/ /review. openstack. org/196499 /git.openstack. org/cgit/ stackforge/ os-ansible- deployment/ commit/ ?id=fafcafa4dff f613fd7e591da9b f68aabbbf2553e
Committed: https:/
Submitter: Jenkins
Branch: kilo
commit fafcafa4dfff613 fd7e591da9bf68a abbbf2553e
Author: kevin <email address hidden>
Date: Thu Jun 25 21:15:11 2015 -0500
Updated default fernet key usage
This change makes the use of fernet tokens production ready. The changes are
as follows:
* Ensures that the keys are rotated on every playbook execution
* Removes the need to sync keys back to a deployment host when distributing
them to other keystone hosts.
* Creates an autonomous key rotation process that can rotate on the following
intervals [reboot, yearly, annually, monthly, weekly, daily, hourly] to all
hosts from any keystone fernet host.
* Fixes the section in `keystone.conf` which was named "fernet_key" instead
of "fernet_token".
Change-Id: I50f6a852930728 631f5c681a8aa0f 1321d7424ac 69479feb98ea815 f0bc7d30a4)
Related-Bug: #1463569
Closes-Bug: #1468256
(cherry picked from commit df3edca7a6def88