yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1452418] Re: Fernet tokens read from disk on every request

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Dolph Mathews <1452418@xxxxxxxxxxxxxxxxxx>
Date: Thu, 13 Aug 2015 15:27:58 -0000
Reply-to: Bug 1452418 <1452418@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Also affects: keystone/kilo
   Importance: Undecided
       Status: New

** Changed in: keystone/kilo
   Importance: Undecided => Low

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1452418

Title:
  Fernet tokens read from disk on every request

Status in Keystone:
  Fix Committed
Status in Keystone kilo series:
  New

Bug description:
  The fernet keys are stored (by default) in /etc/keystone/fernet-keys/
  in individual key files. All keys are read from disk on every request,
  so you end up with log spam like:

    keystone.token.providers.fernet.utils [-] Loaded 2 encryption keys
  from: /etc/keystone/fernet-keys/

  Keystone really only needs to hit the disk periodically to check for a
  different set of keys, not on every request.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1452418/+subscriptions

References

[Bug 1452418] [NEW] Fernet tokens read from disk on every request
From: Dolph Mathews, 2015-05-06