diff options
author | Dolph Mathews <dolph.mathews@gmail.com> | 2015-07-29 19:27:50 +0000 |
---|---|---|
committer | Dolph Mathews <dolph.mathews@gmail.com> | 2015-08-18 20:42:55 +0000 |
commit | 2f580e4adbafbe6530bd8ab9eff4c085bbb53909 (patch) | |
tree | 8f7f6a973a735e1c1440097fda177bcfb337489d | |
parent | 6c106e980075a301b21e1907ab0c681dd5d91e88 (diff) | |
download | keystone-2f580e4adbafbe6530bd8ab9eff4c085bbb53909.tar.gz |
Reduce number of Fernet log messages
This particular message gets quite repetitive as it's logged per token
creation & validation request. Once max_active_keys is reached, it has
little utility beyond letting you know that the number of active Fernet
keys is (still) correct.
NOTE: Unlike the patch to master, this backport does not change the log
message itself, only whether or not it is logged.
Change-Id: I6f497a5defa3c1da5bda54aa5f9e7303a0352d83
Closes-Bug: 1452418
(cherry picked from commit 207e9783bdc5ae6200a77f3307197777634da951)
-rw-r--r-- | keystone/token/providers/fernet/utils.py | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/keystone/token/providers/fernet/utils.py b/keystone/token/providers/fernet/utils.py index ab5859da8..823fc3b17 100644 --- a/keystone/token/providers/fernet/utils.py +++ b/keystone/token/providers/fernet/utils.py @@ -246,10 +246,16 @@ def load_keys(): else: keys[key_id] = key_file.read() - LOG.info(_LI( - 'Loaded %(count)s encryption keys from: %(dir)s'), { - 'count': len(keys), - 'dir': CONF.fernet_tokens.key_repository}) + if len(keys) != CONF.fernet_tokens.max_active_keys: + # If there haven't been enough key rotations to reach max_active_keys, + # or if the configured value of max_active_keys has changed since the + # last rotation, then reporting the discrepancy might be useful. Once + # the number of keys matches max_active_keys, this log entry is too + # repetitive to be useful. + LOG.info(_LI( + 'Loaded %(count)s encryption keys from: %(dir)s'), { + 'count': len(keys), + 'dir': CONF.fernet_tokens.key_repository}) # return the encryption_keys, sorted by key number, descending return [keys[x] for x in sorted(keys.keys(), reverse=True)] |