airship
/
armada
Code Issues Proposed changes

feat(tiller): adding namespace flag 

Adding tiller-namespace (tn) flag to allow for setting specific tiller namespace

Updated:
- Armada API
- Test API
- Tiller API
- Armada handler
- Tiller handler
- cli/apply
- cli/test
- cli/tiller

Change-Id: I3a18d6ec2ce2f771c9349d6b337537f193f6c73d
This commit is contained in:
Roadrunner2058 2017-12-13 19:37:02 +00:00 committed by Felipe Monteiro
parent 722d6122b6
commit ded826d3d1
15 changed files with 228 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
armada/api/controller/armada.py
View File

@ -16,6 +16,7 @@ import json
import yaml
import falcon
from oslo_config import cfg
from armada import api
from armada.common import policy
@ -24,6 +25,8 @@ from armada.handlers.armada import Armada
from armada.handlers.document import ReferenceResolver
from armada.handlers.override import Override
CONF = cfg.CONF
class Apply(api.BaseResource):
"""Controller for installing and updating charts defined in an Armada
@ -78,8 +81,11 @@ class Apply(api.BaseResource):
dry_run=req.get_param_as_bool('dry_run'),
wait=req.get_param_as_bool('wait'),
timeout=req.get_param_as_int('timeout') or 3600,
tiller_host=req.get_param('tiller_host', default=None),
tiller_port=req.get_param_as_int('tiller_port') or 44134,
tiller_host=req.get_param('tiller_host'),
tiller_port=req.get_param_as_int(
'tiller_port') or CONF.tiller_port,
tiller_namespace=req.get_param(
'tiller_namespace', default=CONF.tiller_namespace),
target_manifest=req.get_param('target_manifest')
)

20
armada/api/controller/test.py
View File

@ -15,6 +15,7 @@
import json
import falcon
from oslo_config import cfg
from armada import api
from armada.common import policy
@ -23,6 +24,8 @@ from armada.handlers.tiller import Tiller
from armada.handlers.manifest import Manifest
from armada.utils.release import release_prefix
CONF = cfg.CONF
class Test(api.BaseResource):
'''
@ -33,9 +36,12 @@ class Test(api.BaseResource):
def on_get(self, req, resp, release):
try:
self.logger.info('RUNNING: %s', release)
opts = req.params
tiller = Tiller(tiller_host=opts.get('tiller_host', None),
tiller_port=opts.get('tiller_port', None))
tiller = Tiller(
tiller_host=req.get_param('tiller_host'),
tiller_port=req.get_param_as_int(
'tiller_port') or CONF.tiller_port,
tiller_namespace=req.get_param(
'tiller_namespace', default=CONF.tiller_namespace))
tiller_resp = tiller.testing_release(release)
msg = {
'result': '',
@ -77,8 +83,12 @@ class Tests(api.BaseResource):
@policy.enforce('armada:tests_manifest')
def on_post(self, req, resp):
try:
tiller = Tiller(tiller_host=req.get_param('tiller_host', None),
tiller_port=req.get_param('tiller_port', None))
tiller = Tiller(
tiller_host=req.get_param('tiller_host'),
tiller_port=req.get_param_as_int(
'tiller_port') or CONF.tiller_port,
tiller_namespace=req.get_param(
'tiller_namespace', default=CONF.tiller_namespace))
documents = self.req_yaml(req)
target_manifest = req.get_param('target_manifest', None)

24
armada/api/controller/tiller.py
View File

@ -15,11 +15,14 @@
import json
import falcon
from oslo_config import cfg
from armada import api
from armada.common import policy
from armada.handlers.tiller import Tiller
CONF = cfg.CONF
class Status(api.BaseResource):
@policy.enforce('tiller:get_status')
@ -28,10 +31,12 @@ class Status(api.BaseResource):
get tiller status
'''
try:
opts = req.params
tiller = Tiller(
tiller_host=opts.get('tiller_host', None),
tiller_port=opts.get('tiller_port', None))
tiller_host=req.get_param('tiller_host'),
tiller_port=req.get_param_as_int(
'tiller_port') or CONF.tiller_port,
tiller_namespace=req.get_param(
'tiller_namespace', default=CONF.tiller_namespace))
message = {
'tiller': {
@ -54,14 +59,15 @@ class Status(api.BaseResource):
class Release(api.BaseResource):
@policy.enforce('tiller:get_release')
def on_get(self, req, resp):
'''
get tiller releases
'''Controller for listing Tiller releases.
'''
try:
# Get tiller releases
opts = req.params
tiller = Tiller(tiller_host=opts.get('tiller_host', None),
tiller_port=opts.get('tiller_port', None))
tiller = Tiller(
tiller_host=req.get_param('tiller_host'),
tiller_port=req.get_param_as_int(
'tiller_port') or CONF.tiller_port,
tiller_namespace=req.get_param(
'tiller_namespace', default=CONF.tiller_namespace))
releases = {}
for release in tiller.list_releases():

53
armada/cli/apply.py
View File

@ -91,11 +91,16 @@ SHORT_DESC = "command install manifest charts"
type=str,
default=[])
@click.option('--tiller-host',
help="Tiller host IP.")
help="Tiller host IP.",
default=None)
@click.option('--tiller-port',
help="Tiller host port.",
type=int,
default=44134)
default=CONF.tiller_port)
@click.option('--tiller-namespace', '-tn',
help="Tiller namespace.",
type=str,
default=CONF.tiller_namespace)
@click.option('--timeout',
help="Specifies time to wait for charts to deploy.",
type=int,
@ -120,20 +125,33 @@ SHORT_DESC = "command install manifest charts"
@click.pass_context
def apply_create(ctx, locations, api, disable_update_post, disable_update_pre,
dry_run, enable_chart_cleanup, set, tiller_host, tiller_port,
timeout, values, wait, target_manifest, debug):
tiller_namespace, timeout, values, wait, target_manifest,
debug):
if debug:
CONF.debug = debug
ApplyManifest(ctx, locations, api, disable_update_post, disable_update_pre,
dry_run, enable_chart_cleanup, set, tiller_host, tiller_port,
timeout, values, wait, target_manifest).invoke()
tiller_namespace, timeout, values, wait,
target_manifest).invoke()
class ApplyManifest(CliAction):
def __init__(self, ctx, locations, api, disable_update_post,
disable_update_pre, dry_run, enable_chart_cleanup, set,
tiller_host, tiller_port, timeout, values, wait,
def __init__(self,
ctx,
locations,
api,
disable_update_post,
disable_update_pre,
dry_run,
enable_chart_cleanup,
set,
tiller_host,
tiller_port,
tiller_namespace,
timeout,
values,
wait,
target_manifest):
super(ApplyManifest, self).__init__()
self.ctx = ctx
@ -147,6 +165,7 @@ class ApplyManifest(CliAction):
self.set = set
self.tiller_host = tiller_host
self.tiller_port = tiller_port
self.tiller_namespace = tiller_namespace
self.timeout = timeout
self.values = values
self.wait = wait
@ -182,10 +201,19 @@ class ApplyManifest(CliAction):
return
armada = Armada(
documents, self.disable_update_pre, self.disable_update_post,
self.enable_chart_cleanup, self.dry_run, self.set, self.wait,
self.timeout, self.tiller_host, self.tiller_port, self.values,
self.target_manifest)
documents,
disable_update_pre=self.disable_update_pre,
disable_update_post=self.disable_update_post,
enable_chart_cleanup=self.enable_chart_cleanup,
dry_run=self.dry_run,
set_ovr=self.set,
wait=self.wait,
timeout=self.timeout,
tiller_host=self.tiller_host,
tiller_port=self.tiller_port,
tiller_namespace=self.tiller_namespace,
values=self.values,
target_manifest=self.target_manifest)
resp = armada.sync()
self.output(resp)
@ -202,6 +230,7 @@ class ApplyManifest(CliAction):
'enable_chart_cleanup': self.enable_chart_cleanup,
'tiller_host': self.tiller_host,
'tiller_port': self.tiller_port,
'tiller_namespace': self.tiller_namespace,
'timeout': self.timeout,
'wait': self.wait
}

30
armada/cli/test.py
View File

@ -15,6 +15,7 @@
import yaml
import click
from oslo_config import cfg
from armada.cli import CliAction
from armada import const
@ -22,6 +23,8 @@ from armada.handlers.manifest import Manifest
from armada.handlers.tiller import Tiller
from armada.utils.release import release_prefix
CONF = cfg.CONF
@click.group()
def test():
@ -53,22 +56,28 @@ SHORT_DESC = "command test releases"
@test.command(name='test', help=DESC, short_help=SHORT_DESC)
@click.option('--file', help='armada manifest', type=str)
@click.option('--release', help='helm release', type=str)
@click.option('--tiller-host', help="Tiller Host IP")
@click.option('--tiller-host', help="Tiller Host IP", default=None)
@click.option(
'--tiller-port', help="Tiller host Port", type=int, default=44134)
'--tiller-port', help="Tiller Host Port", type=int,
default=CONF.tiller_port)
@click.option(
'--tiller-namespace', '-tn', help="Tiller Namespace", type=str,
default=CONF.tiller_namespace)
@click.option('--target-manifest',
help=('The target manifest to run. Required for specifying '
'which manifest to run when multiple are available.'),
default=None)
@click.pass_context
def test_charts(ctx, file, release, tiller_host, tiller_port, target_manifest):
def test_charts(ctx, file, release, tiller_host, tiller_port, tiller_namespace,
target_manifest):
TestChartManifest(
ctx, file, release, tiller_host, tiller_port).invoke()
ctx, file, release, tiller_host, tiller_port, tiller_namespace,
target_manifest).invoke()
class TestChartManifest(CliAction):
def __init__(self, ctx, file, release, tiller_host, tiller_port,
target_manifest):
tiller_namespace, target_manifest):
super(TestChartManifest, self).__init__()
self.ctx = ctx
@ -76,11 +85,14 @@ class TestChartManifest(CliAction):
self.release = release
self.tiller_host = tiller_host
self.tiller_port = tiller_port
self.tiller_namespace = tiller_namespace
self.target_manifest = target_manifest
def invoke(self):
tiller = Tiller(
tiller_host=self.tiller_host, tiller_port=self.tiller_port)
tiller_host=self.tiller_host,
tiller_port=self.tiller_port,
tiller_namespace=self.tiller_namespace)
known_release_names = [release[0] for release in tiller.list_charts()]
if self.release:
@ -102,7 +114,8 @@ class TestChartManifest(CliAction):
client = self.ctx.obj.get('CLIENT')
query = {
'tiller_host': self.tiller_host,
'tiller_port': self.tiller_port
'tiller_port': self.tiller_port,
'tiller_namespace': self.tiller_namespace
}
resp = client.get_test_release(release=self.release,
query=query)
@ -148,7 +161,8 @@ class TestChartManifest(CliAction):
client = self.ctx.obj.get('CLIENT')
query = {
'tiller_host': self.tiller_host,
'tiller_port': self.tiller_port
'tiller_port': self.tiller_port,
'tiller_namespace': self.tiller_namespace
}
with open(self.filename, 'r') as f:

28
armada/cli/tiller.py
View File

@ -14,10 +14,13 @@
import click
from oslo_config import cfg
from armada.cli import CliAction
from armada.handlers.tiller import Tiller
CONF = cfg.CONF
@click.group()
def tiller():
@ -47,28 +50,37 @@ SHORT_DESC = "command gets tiller infromation"
@tiller.command(name='tiller', help=DESC, short_help=SHORT_DESC)
@click.option('--tiller-host', help="Tiller host ip", default=None)
@click.option(
'--tiller-port', help="Tiller host port", type=int, default=44134)
'--tiller-port', help="Tiller host port", type=int,
default=CONF.tiller_port)
@click.option(
'--tiller-namespace', '-tn', help="Tiller namespace", type=str,
default=CONF.tiller_namespace)
@click.option('--releases', help="list of deployed releses", is_flag=True)
@click.option('--status', help="Status of Armada services", is_flag=True)
@click.pass_context
def tiller_service(ctx, tiller_host, tiller_port, releases, status):
TillerServices(ctx, tiller_host, tiller_port, releases, status).invoke()
def tiller_service(ctx, tiller_host, tiller_port, tiller_namespace, releases,
status):
TillerServices(ctx, tiller_host, tiller_port, tiller_namespace, releases,
status).invoke()
class TillerServices(CliAction):
def __init__(self, ctx, tiller_host, tiller_port, releases, status):
def __init__(self, ctx, tiller_host, tiller_port, tiller_namespace,
releases, status):
super(TillerServices, self).__init__()
self.ctx = ctx
self.tiller_host = tiller_host
self.tiller_port = tiller_port
self.tiller_namespace = tiller_namespace
self.releases = releases
self.status = status
def invoke(self):
tiller = Tiller(
tiller_host=self.tiller_host, tiller_port=self.tiller_port)
tiller_host=self.tiller_host, tiller_port=self.tiller_port,
tiller_namespace=self.tiller_namespace)
if self.status:
if not self.ctx.obj.get('api', False):
@ -78,7 +90,8 @@ class TillerServices(CliAction):
client = self.ctx.obj.get('CLIENT')
query = {
'tiller_host': self.tiller_host,
'tiller_port': self.tiller_port
'tiller_port': self.tiller_port,
'tiller_namespace': self.tiller_namespace
}
resp = client.get_status(query=query)
tiller_status = resp.get('tiller').get('state', False)
@ -97,7 +110,8 @@ class TillerServices(CliAction):
client = self.ctx.obj.get('CLIENT')
query = {
'tiller_host': self.tiller_host,
'tiller_port': self.tiller_port
'tiller_port': self.tiller_port,
'tiller_namespace': self.tiller_namespace
}
resp = client.get_releases(query=query)
for namespace in resp.get('releases'):

5
armada/conf/default.py
View File

@ -76,6 +76,11 @@ The Keystone project domain name used for authentication.
default='kube-system',
help=utils.fmt('Namespace for the tiller pod.')),
cfg.IntOpt(
'tiller_port',
default=44134,
help=utils.fmt('Port for the tiller pod.')),
cfg.ListOpt(
'tiller_release_roles',
default=['admin'],

17
armada/handlers/armada.py
View File

@ -53,7 +53,8 @@ class Armada(object):
wait=False,
timeout=DEFAULT_TIMEOUT,
tiller_host=None,
tiller_port=44134,
tiller_port=None,
tiller_namespace=None,
values=None,
target_manifest=None):
'''
@ -67,11 +68,17 @@ class Armada(object):
:param bool dry_run: Run charts without installing them.
:param bool wait: Wait until all charts are deployed.
:param int timeout: Specifies time to wait for charts to deploy.
:param str tiller_host: Tiller host IP.
:param int tiller_port: Tiller host port.
:param str tiller_host: Tiller host IP. Default is None.
:param int tiller_port: Tiller host port. Default is
``CONF.tiller_port``.
:param str tiller_namespace: Tiller host namespace. Default is
``CONF.tiller_namespace``.
:param str target_manifest: The target manifest to run. Useful for
specifying which manifest to run when multiple are available.
'''
tiller_port = tiller_port or CONF.tiller_port
tiller_namespace = tiller_namespace or CONF.tiller_namespace
self.disable_update_pre = disable_update_pre
self.disable_update_post = disable_update_post
self.enable_chart_cleanup = enable_chart_cleanup
@ -79,7 +86,9 @@ class Armada(object):
self.overrides = set_ovr
self.wait = wait
self.timeout = timeout
self.tiller = Tiller(tiller_host=tiller_host, tiller_port=tiller_port)
self.tiller = Tiller(
tiller_host=tiller_host, tiller_port=tiller_port,
tiller_namespace=tiller_namespace)
self.values = values
self.documents = file
self.config = None

22
armada/handlers/tiller.py
View File

@ -34,7 +34,6 @@ from armada.handlers.k8s import K8s
from armada.utils.release import release_prefix
from armada.utils.release import label_selectors
TILLER_PORT = 44134
TILLER_VERSION = b'2.5.0'
TILLER_TIMEOUT = 300
GRPC_EPSILON = 60
@ -48,9 +47,8 @@ RUNTEST_SUCCESS = 9
# limit is exhausted with just 10 releases
MAX_MESSAGE_LENGTH = 429496729
LOG = logging.getLogger(__name__)
CONF = cfg.CONF
LOG = logging.getLogger(__name__)
class Tiller(object):
@ -59,10 +57,11 @@ class Tiller(object):
service over gRPC
'''
def __init__(self, tiller_host=None, tiller_port=TILLER_PORT):
def __init__(self, tiller_host=None, tiller_port=None,
tiller_namespace=None):
self.tiller_host = tiller_host
self.tiller_port = tiller_port
self.tiller_port = tiller_port or CONF.tiller_port
self.tiller_namespace = tiller_namespace or CONF.tiller_namespace
# init k8s connectivity
self.k8s = K8s()
@ -103,8 +102,10 @@ class Tiller(object):
Returns tiller pod using the tiller pod labels specified in the Armada
config
'''
pods = self.k8s.get_namespace_pod(
CONF.tiller_namespace, CONF.tiller_pod_labels).items
pods = None
namespace = self._get_tiller_namespace()
pods = self.k8s.get_namespace_pod(namespace,
CONF.tiller_pod_labels).items
# No tiller pods found
if not pods:
raise ex.TillerPodNotFoundException(CONF.tiller_pod_labels)
@ -129,7 +130,10 @@ class Tiller(object):
def _get_tiller_port(self):
'''Stub method to support arbitrary ports in the future'''
return TILLER_PORT
return self.tiller_port
def _get_tiller_namespace(self):
return self.tiller_namespace
def tiller_status(self):
'''

6
armada/tests/unit/api/test_armada_controller.py
View File

@ -43,7 +43,7 @@ class ArmadaControllerTest(base.BaseControllerTest):
'wait': 'false',
'timeout': '100'}
armada_options = {
expected_armada_options = {
'disable_update_pre': False,
'disable_update_post': False,
'enable_chart_cleanup': False,
@ -52,6 +52,7 @@ class ArmadaControllerTest(base.BaseControllerTest):
'timeout': 100,
'tiller_host': None,
'tiller_port': 44134,
'tiller_namespace': 'kube-system',
'target_manifest': None
}
@ -76,7 +77,8 @@ class ArmadaControllerTest(base.BaseControllerTest):
self.assertEqual('application/json', result.headers['content-type'])
mock_resolver.resolve_reference.assert_called_with([payload_url])
mock_armada.assert_called_with([{'foo': 'bar'}], **armada_options)
mock_armada.assert_called_with([{'foo': 'bar'}],
**expected_armada_options)
mock_armada.return_value.sync.assert_called()
def test_armada_apply_no_href(self):

20
armada/tests/unit/api/test_tiller_controller.py
View File

@ -42,7 +42,9 @@ class TillerControllerTest(base.BaseControllerTest):
self.assertEqual(expected, result.json)
self.assertEqual('application/json', result.headers['content-type'])
mock_tiller.assert_called_once_with(tiller_host=None, tiller_port=None)
mock_tiller.assert_called_once_with(
tiller_host=None, tiller_port=44134,
tiller_namespace='kube-system')
@mock.patch.object(tiller_controller, 'Tiller')
def test_get_tiller_status_with_params(self, mock_tiller):
@ -56,7 +58,8 @@ class TillerControllerTest(base.BaseControllerTest):
result = self.app.simulate_get('/api/v1.0/status',
params_csv=False,
params={'tiller_host': 'fake_host',
'tiller_port': '98765'})
'tiller_port': '98765',
'tiller_namespace': 'fake_ns'})
expected = {
'tiller': {'version': 'fake_verson', 'state': 'fake_status'}
}
@ -64,7 +67,8 @@ class TillerControllerTest(base.BaseControllerTest):
self.assertEqual(expected, result.json)
self.assertEqual('application/json', result.headers['content-type'])
mock_tiller.assert_called_once_with(tiller_host='fake_host',
tiller_port='98765')
tiller_port=98765,
tiller_namespace='fake_ns')
@mock.patch.object(tiller_controller, 'Tiller')
def test_tiller_releases(self, mock_tiller):
@ -87,7 +91,9 @@ class TillerControllerTest(base.BaseControllerTest):
}
self.assertEqual(expected, result.json)
mock_tiller.assert_called_once_with(tiller_host=None, tiller_port=None)
mock_tiller.assert_called_once_with(
tiller_host=None, tiller_port=44134,
tiller_namespace='kube-system')
mock_tiller.return_value.list_releases.assert_called_once_with()
@mock.patch.object(tiller_controller, 'Tiller')
@ -108,14 +114,16 @@ class TillerControllerTest(base.BaseControllerTest):
result = self.app.simulate_get('/api/v1.0/releases',
params_csv=False,
params={'tiller_host': 'fake_host',
'tiller_port': '98765'})
'tiller_port': '98765',
'tiller_namespace': 'fake_ns'})
expected = {
'releases': {'bar_namespace': ['foo'], 'qux_namespace': ['baz']}
}
self.assertEqual(expected, result.json)
mock_tiller.assert_called_once_with(tiller_host='fake_host',
tiller_port='98765')
tiller_port=98765,
tiller_namespace='fake_ns')
mock_tiller.return_value.list_releases.assert_called_once_with()

38
docs/source/commands/apply.rst
View File

@ -31,23 +31,27 @@ Commands
$ armada apply examples/simple.yaml --values examples/simple-ovr-values.yaml
Options:
--api Contacts service endpoint.
--disable-update-post Disable post-update Tiller operations.
--disable-update-pre Disable pre-update Tiller operations.
--dry-run Run charts without installing them.
--enable-chart-cleanup Clean up unmanaged charts.
--set TEXT Use to override Armada Manifest values. Accepts
overrides that adhere to the format <key>=<value>
--tiller-host TEXT Tiller host IP.
--tiller-port INTEGER Tiller host port.
--timeout INTEGER Specifies time to wait for charts to deploy.
-f, --values TEXT Use to override multiple Armada Manifest values by
reading overrides from a values.yaml-type file.
--wait Wait until all charts deployed.
--target-manifest TEXT The target manifest to run. Required for specifying
which manifest to run when multiple are available.
--debug / --no-debug Enable or disable debugging.
--help Show this message and exit.
--api Contacts service endpoint.
--disable-update-post Disable post-update Tiller operations.
--disable-update-pre Disable pre-update Tiller operations.
--dry-run Run charts without installing them.
--enable-chart-cleanup Clean up unmanaged charts.
--set TEXT Use to override Armada Manifest values.
Accepts overrides that adhere to the format
<key>=<value>
--tiller-host TEXT Tiller host IP.
--tiller-port INTEGER Tiller host port.
-tn, --tiller-namespace TEXT Tiller namespace.
--timeout INTEGER Specifies time to wait for charts to deploy.
-f, --values TEXT Use to override multiple Armada Manifest
values by reading overrides from a
values.yaml-type file.
--wait Wait until all charts deployed.
--target-manifest TEXT The target manifest to run. Required for
specifying which manifest to run when multiple
are available.
--debug / --no-debug Enable or disable debugging.
--help Show this message and exit.
Synopsis
--------

17
docs/source/commands/test.rst
View File

@ -24,14 +24,15 @@ Commands
$ armada test --release blog-1
Options:
--file TEXT armada manifest
--release TEXT helm release
--tiller-host TEXT Tiller Host IP
--tiller-port INTEGER Tiller host Port
--help Show this message and exit.
--target-manifest TEXT The target manifest to run. Required for specifying
which manifest to run when multiple are available.
--file TEXT armada manifest
--release TEXT helm release
--tiller-host TEXT Tiller Host IP
--tiller-port INTEGER Tiller Host Port
-tn, --tiller-namespace TEXT Tiller Namespace
--target-manifest TEXT The target manifest to run. Required for
specifying which manifest to run when multiple
are available.
--help Show this message and exit.
Synopsis
--------

11
docs/source/commands/tiller.rst
View File

@ -22,11 +22,12 @@ Commands
$ armada tiller --status
Options:
--tiller-host TEXT Tiller host ip
--tiller-port INTEGER Tiller host port
--releases list of deployed releases
--status Status of Armada services
--help Show this message and exit.
--tiller-host TEXT Tiller host ip
--tiller-port INTEGER Tiller host port
-tn, --tiller-namespace TEXT Tiller namespace
--releases list of deployed releses
--status Status of Armada services
--help Show this message and exit.
Synopsis
--------

23
etc/armada/armada.conf.sample
View File

@ -32,9 +32,15 @@
# Labels for the tiller pod. (string value)
#tiller_pod_labels = app=helm,name=tiller
# Host for the tiller pod. (string value)
#tiller_host = localhost
# Namespace for the tiller pod. (string value)
#tiller_namespace = kube-system
# Port for the tiller pod. (integer value)
#tiller_port = 44134
# IDs of approved API access roles. (list value)
#tiller_release_roles = admin
@ -345,7 +351,10 @@
# in the cache. If ENCRYPT, token data is encrypted and authenticated in the
# cache. If the value is not one of these options or empty, auth_token will
# raise an exception on initialization. (string value)
# Allowed values: None, MAC, ENCRYPT
# Possible values:
# None - <No description provided>
# MAC - <No description provided>
# ENCRYPT - <No description provided>
#memcache_security_strategy = None
# (Optional, mandatory if memcache_security_strategy is defined) This string is
@ -441,6 +450,14 @@
# From oslo.policy
#
# This option controls whether or not to enforce scope when evaluating
# policies. If ``True``, the scope of the token used in the request is compared
# to the ``scope_types`` of the policy being enforced. If the scopes do not
# match, an ``InvalidScope`` exception will be raised. If ``False``, a message
# will be logged informing operators that policies are being invoked with
# mismatching scope. (boolean value)
#enforce_scope = false
# The file that defines policies. (string value)
#policy_file = policy.json
@ -456,7 +473,9 @@
# Content Type to send and receive data for REST based policy check (string
# value)
# Allowed values: application/x-www-form-urlencoded, application/json
# Possible values:
# application/x-www-form-urlencoded - <No description provided>
# application/json - <No description provided>
#remote_content_type = application/x-www-form-urlencoded
# server identity verification for REST based policy check (boolean value)