On 09/30/2014 11:37 AM, Adam Young wrote:
On 09/30/2014 11:06 AM, Louis Taylor wrote:
On Tue, Sep 30, 2014 at 10:44:51AM -0400, Adam Young wrote:
What are the uses that require long lived tokens?
Glance has operations which can take a long time, such as uploading and
downloading large images.
Yes, but the token is only authenticated at the start of the operation.
Does anything need to happen afterwards?

Funny you mention it... :) We were just having this conversation on IRC about Nikesh's issues with some Tempest volume tests and a token expiration problem.

So, yes, a Glance upload operation makes a series of HTTP calls in the course of the upload:

 POST $registry/images <-- Creates the queued image record
 ...  upload of chunked body of HTTP request to backend like Swift ..
 PUT $registry/images/<IMAGE_ID> <-- update image status and checksum

So, what seems to be happening here is that the PUT call at the end of uploading the snapshot is using the same token that was created in the keystone client of the tempest test case during the test classes' setUpClass() method, and the test class ends up running for >1 hour, and by the time the PUT call is reached, the token has expired.

-jay

_______________________________________________
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Reply via email to