Skip to content

Service: Create join tokens with a lifetime of 1 hour#1341

Merged
roosterfish merged 1 commit intocanonical:mainfrom
roosterfish:longer_token_lifetime
Apr 21, 2026
Merged

Service: Create join tokens with a lifetime of 1 hour#1341
roosterfish merged 1 commit intocanonical:mainfrom
roosterfish:longer_token_lifetime

Conversation

@roosterfish
Copy link
Copy Markdown
Contributor

@roosterfish roosterfish commented Apr 20, 2026

Fixes #1339

@roosterfish roosterfish requested a review from Copilot April 20, 2026 10:00
Copilot AI reviewed Apr 20, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR increases MicroCloud service join-token lifetimes to better accommodate slow or long-running join scenarios (per issue #1339), reducing failures when nodes/services take longer to come online and complete clustering.

Changes:

  • Extend MicroCloud join-token TTL from 5 minutes to 1 hour for MicroCloud, MicroOVN, and MicroCeph services.
  • Update GoDoc comments to reflect the new 1-hour token lifetime and rationale.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
service/microovn.go Increase MicroOVN join-token TTL to 1 hour and update IssueToken docs.
service/microcloud.go Increase MicroCloud join-token TTL to 1 hour and update IssueToken docs.
service/microceph.go Increase MicroCeph join-token TTL to 1 hour and update IssueToken docs.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread service/microovn.go Outdated
Comment thread service/microcloud.go Outdated
Comment thread service/microceph.go Outdated
@roosterfish roosterfish force-pushed the longer_token_lifetime branch from 95f7741 to 28f931d Compare April 20, 2026 10:07
@roosterfish
Copy link
Copy Markdown
Contributor Author

roosterfish commented Apr 20, 2026

Pipeline fails until #1338 is merged.

@roosterfish
service: Create join tokens with a lifetime of 1 hour
5a67e54 
This accommodates slower environments but especially join procedures with lots of necessary setup actions.
An example is setting up a MicroCloud with many OSDs.

Fixes canonical#1339.

Signed-off-by: Julian Pelizäus <julian.pelizaeus@canonical.com>
@roosterfish roosterfish force-pushed the longer_token_lifetime branch from 28f931d to 5a67e54 Compare April 21, 2026 06:10
@roosterfish roosterfish marked this pull request as ready for review April 21, 2026 06:42
@roosterfish roosterfish requested a review from tugbataluy April 21, 2026 06:42
tugbataluy
tugbataluy reviewed Apr 21, 2026
View reviewed changes
Comment thread service/service_handler.go
)

// ServiceJoinTokenLifetime is the duration for which a join token issued by a service will be valid.
const ServiceJoinTokenLifetime = time.Hour
Copy link
Copy Markdown
Contributor

@tugbataluy tugbataluy Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just out of curiosity, why we are extending the lifetime to an hour specifically (for example are 30 mins insufficient)?

Copy link
Copy Markdown
Contributor Author

@roosterfish roosterfish Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The max session timeout for joining/discovering MicroCloud members is also capped at one hour.
So I didn't want to go beyond what we already defined to be a max limit for joining a MicroCloud.
Now equally it should be safe to say that join tokens are also permitted to last for one hour.

With one hour I suspect we can accommodate all of the scenarios in which MicroCloud gets deployed with many resources or on slower environments.

Copy link
Copy Markdown
Contributor

@tugbataluy tugbataluy Apr 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks :D

tugbataluy
tugbataluy approved these changes Apr 21, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@tugbataluy tugbataluy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Extending the lifetime seems reasonable to me, thanks ❇️ .

@roosterfish roosterfish merged commit dba2b7b into canonical:main Apr 21, 2026
26 of 27 checks passed
@roosterfish roosterfish deleted the longer_token_lifetime branch April 21, 2026 11:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tugbataluy tugbataluy tugbataluy approved these changes

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Increase the join token timeout

3 participants

@roosterfish @tugbataluy