Quantum client should refresh keystone token

right now we work around this by recreating a quantumclient each time we need to use it... but that is clunky, and probably puts more load on keystone.

Nachi,
I have a fix for this.
If you have not worked on it, I would like to post the patch.

Awesome!
I got it.

What env or cases are you talking about? I am confused.

In the Quantum or Nova code, we are initializing quantum client on each method call.
This bug addresses that problem.

Most of the methods called in a nova context will get the token from it. Only that methods called in periodic tasks need to auth and then get the token.

We can improve later case by a cache.

This bug is not for that case.
There are some use case we need admin token of Quantum in the Quantum and Nova.
L3 or DHCP agent are one of usecase.
In nova, quantumv2 network api is another example.

As Nachi wrote, L3 agent, DHCP agent or Meta Plugin's proxy agent use quantum client inside. They initialize quantumclient at the startup sequence and reuse the quantumclient object.

In the current implementation, once keystone authN is done, the keystone token is not refreshed even after the token is expired. quantumclient.client.HTTPClient check only self.endpoint_url and if self.endpoint_url is set the client never do keystone authN, so the token expired is never refreshed. It is the reason.

Gerrit Review is available: https://review.openstack.org/#/c/11206/

Yes, I run into this with l3-agent. It will be nice to have this fix.

The patch has been merged into the mainline.