On Mon, Aug 3, 2015 at 7:03 AM, David Stanek <dsta...@dstanek.com> wrote:
> > On Mon, Aug 3, 2015 at 7:14 AM, Davanum Srinivas <dava...@gmail.com> > wrote: > >> agree. "Native HA solution" was already ruled out in several email >> threads by keystone cores already (if i remember right). This is a >> devops issue and should be handled as such was the feedback. >> > > I'm sure you are right. I'm not sure why we would want to add that much > complexity into Keystone. > ++, I think the more complicated the tool to distribute the keys, the more complex it is to troubleshoot issues when things go south. If you have an issue with a single Keystone node, you have to understand whatever mechanism that keeps keys in sync, as well as what could go wrong and how to fix it. This is in comparison to something, or some ansible script, that is idempotent and can be applied against the whole cluster, or a single node. The ability of having a staged key buys you time in the key distribution process. > > > > -- > David > blog: http://www.traceback.org > twitter: http://twitter.com/dstanek > www: http://dstanek.com > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > >
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
