¿ù°£ Àα⠰Խù°

°Ô½Ã¹° 715°Ç
   
token memcache
±Û¾´ÀÌ : ÃÖ°í°ü¸®ÀÚ ³¯Â¥ : 2016-05-12 (¸ñ) 11:19 Á¶È¸ : 3434
                                
# vim /etc/keystone/keystone.conf
....................
[token]
provider = uuid
#driver = memcache 
driver = sql   # DB »ó¿¡¼­ °ü¸®
expiration = 1800  # ¸¸·á½Ã°£

¡Ø keystone.token Å×ÀÌºí³» ÀúÀåµÇ°í ¸¸·á½Ã°£µµ 1800ÃÊ(30ºÐ)À¸·Î º¯°æ
MariaDB [(none)]> select count(*) from keystone.token;
+----------+
| count(*) |
+----------+
|       22 |
+----------+

root@con-210-21:~# date
2016. 05. 12. (¸ñ) 15:07:00 KST

# openstack token issue
+------------+----------------------------------+
| Field      | Value                            |
+------------+----------------------------------+
| expires    | 2016-05-12T06:36:57.437373Z      |
| id         | e38a481a2b7e45a79eaf91027c52fd4f |
| project_id | 860c2d7242a44776a566fd8fbe73030c |
| user_id    | 0a9078c1003046cca6ff3124161f8ad7 |
+------------+----------------------------------+



https://ask.openstack.org/en/question/1740/keystone-never-delete-expires-token-in-database/
http://www.sebastien-han.fr/blog/2012/12/12/cleanup-keystone-tokens/



http://docs.openstack.org/developer/keystone/configuration.html

Token Persistence Driver

Keystone supports customizable token persistence drivers. These can be specified in the [token] section of the configuration file. Keystone provides three non-test persistence backends. These can be set with the [token] driver configuration option.

The drivers Keystone provides are:

  • memcache_pool - The pooled memcached token persistence engine. This backend supports the concept of pooled memcache client object (allowing for the re-use of the client objects). This backend has a number of extra tunable options in the [memcache] section of the config. Implemented by keystone.token.persistence.backends.memcache_pool.Token
  • sql - The SQL-based (default) token persistence engine. Implemented by keystone.token.persistence.backends.sql.Token
  • memcache - The memcached based token persistence backend. This backend relies on dogpile.cache and stores the token data in a set of memcached servers. The servers URLs are specified in the [memcache] servers configuration option in the Keystone config. Implemented by keystone.token.persistence.backends.memcache.Token

Warning

It is recommended you use the memcache_pool backend instead of memcache as the token persistence driver if you are deploying Keystone under eventlet instead of Apache httpd with mod_wsgi. This recommendation is due to known issues with the use of thread.local under eventlet that can allow the leaking of memcache client objects and consumption of extra sockets.



À̸§ Æнº¿öµå
ºñ¹Ð±Û (üũÇÏ¸é ±Û¾´À̸¸ ³»¿ëÀ» È®ÀÎÇÒ ¼ö ÀÖ½À´Ï´Ù.)
¿ÞÂÊÀÇ ±ÛÀÚ¸¦ ÀÔ·ÂÇϼ¼¿ä.
   

 



 
»çÀÌÆ®¸í : ¸ðÁö¸®³× | ´ëÇ¥ : ÀÌ°æÇö | °³ÀÎÄ¿¹Â´ÏƼ : ·©Å°´åÄÄ ¿î¿µÃ¼Á¦(OS) | °æ±âµµ ¼º³²½Ã ºÐ´ç±¸ | ÀüÀÚ¿ìÆí : mojily°ñ¹ðÀÌchonnom.com Copyright ¨Ï www.chonnom.com www.kyunghyun.net www.mojily.net. All rights reserved.