Reduce tokens time from 24h to 10 minutes for each application #906
Assignees
Labels
enhancement
New feature or request
Comments
denis-tingaikin
changed the title
|
@denis-tingaikin Did this get done? If not, why not? |
|
It is not done. It looks like we missed this ticket. Will do. As I can see we can simply set there 10m https://github.com/networkservicemesh/deployments-k8s/blob/main/examples/spire/server-configmap.yaml#L19 |
|
@denis-tingaikin Token expirationTime is min(svid expirationTime, now + maxTimeout as set by env variable)... I was suggesting we fix maxTimeout's default value from 24h to 10 minutes, not that we change the Spire svid lifetime. |
This was referenced Jul 21, 2021
Merged
[deployments-k8s#906] Decrease default token timeout to 10m
networkservicemesh/cmd-forwarder-vpp#292
Merged
Merged
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Motivation
Previously we've fixed issues with
refresh/timeout:networkservicemesh/sdk#778
networkservicemesh/sdk#650
networkservicemesh/sdk#520
and now we can reduce tokens expiration for each application to 10 minutes (it is 24h at this moment).
Also, we plan to add
refresh/timeoutexamples, but it can be done separately:https://github.com/orgs/networkservicemesh/projects/1#card-55928687
https://github.com/orgs/networkservicemesh/projects/1#card-55928794
The text was updated successfully, but these errors were encountered: