Token verification should use internal endpoint instead of admin endpoint
Bug #1899266 reported by
Takashi Kajinami
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
Medium
|
Takashi Kajinami |
Bug Description
Until the default value of the interface parameter in keystonemiddleware was changed in Victoria[1], keystonemiddleware uses admin endpoint for token veritifcation.
[1] https:/
In general we use internal endpoint for communication between components, so we should ensure that internal endpoint is used instead.
One more concern with using keystone admin endpoint is that outage of provisioning network can affect overcloud functionality because keystone admin endpoint is deployed on provisioning network by default.
Changed in tripleo: | |
importance: | Undecided → Medium |
milestone: | none → victoria-3 |
To post a comment you must log in.
Fix proposed to branch: master /review. opendev. org/757295
Review: https:/