You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the s3_auth plugin for v4 signatures, there is an undocumented feature that allows for an expiration configuration. The plugin goes through considerable effort to reload a nearly expired token (
// If the token has more than one hour to expire, reload is scheduled one hour before expiration.
), but is largely silent about doing so, which hampers operational ability to detect and remediate the issue. I'd suggest:
In the cases mentioned in code comments (1 hour before, 15min before, and at expiration) logging that the token is about to expire as more than debug level.
the log should have the token's name so that an operator can find the specific issue
there appears to be an error log printed ~10min after the token has expired. I think it would be appropriate to continue logging every 10 times -- eg,
In the s3_auth plugin for v4 signatures, there is an undocumented feature that allows for an expiration configuration. The plugin goes through considerable effort to reload a nearly expired token (
trafficserver/plugins/s3_auth/s3_auth.cc
Line 1037 in 6e00344
trafficserver/plugins/s3_auth/s3_auth.cc
Line 1084 in 6e00344
The text was updated successfully, but these errors were encountered: