parametrized token expiration in keystone.conf
diff --git a/keystone/files/kilo/keystone.conf.Debian b/keystone/files/kilo/keystone.conf.Debian
index e546e18..11ae0f2 100644
--- a/keystone/files/kilo/keystone.conf.Debian
+++ b/keystone/files/kilo/keystone.conf.Debian
@@ -1420,7 +1420,7 @@
# Amount of time a token should remain valid (in seconds). (integer value)
#expiration = 3600
-expiration = 43200
+expiration = {{ server.tokens.expiration }}
# Controls the token construction, validation, and revocation operations. Core
# providers are "keystone.token.providers.[fernet|pkiz|pki|uuid].Provider".
# (string value)
diff --git a/keystone/files/liberty/keystone.conf.Debian b/keystone/files/liberty/keystone.conf.Debian
index 8599fb9..d785f90 100644
--- a/keystone/files/liberty/keystone.conf.Debian
+++ b/keystone/files/liberty/keystone.conf.Debian
@@ -1593,7 +1593,7 @@
# [fernet|pkiz|pki|uuid]. (string value)
#provider = uuid
#expiration = 3600
-expiration = 43200
+expiration = {{ server.tokens.expiration }}
# Controls the token construction, validation, and revocation operations. Core
# providers are "keystone.token.providers.[fernet|pkiz|pki|uuid].Provider".
# (string value)
diff --git a/metadata/service/server/cluster.yml b/metadata/service/server/cluster.yml
index 89eb9e1..5d1bbc1 100644
--- a/metadata/service/server/cluster.yml
+++ b/metadata/service/server/cluster.yml
@@ -30,7 +30,7 @@
user: keystone
tokens:
engine: cache
- expiration: 86400
+ expiration: 43200
location: /etc/keystone/fernet-keys/
cache:
engine: memcached
diff --git a/metadata/service/server/single.yml b/metadata/service/server/single.yml
index 8415473..09d98a1 100644
--- a/metadata/service/server/single.yml
+++ b/metadata/service/server/single.yml
@@ -28,7 +28,7 @@
user: 'keystone'
tokens:
engine: cache
- expiration: 86400
+ expiration: 43200
location: /etc/keystone/fernet-keys/
cache:
engine: memcached