Add cache_time for identity

This patch adds a config option to allow
configuring the cache_time for identity elements.

It is also including a complementary fix for
change I49e46e010c543f831959581b2122f59068f2c07b
that missed adjusting the correct template, and
used the wrong comparison "is not None".

Closes-bug: #2054418
Related-bug: #1771114
Change-Id: I57d376eb6c1f0f38cdd028aacf397aaf7f3a1cda
This commit is contained in:
Rodrigo Barbieri 2024-03-19 14:32:46 -03:00
parent 16b543572d
commit 0967f6ec4e
4 changed files with 21 additions and 5 deletions

View File

@ -107,6 +107,16 @@ options:
type: int type: int
default: 60 default: 60
description: Amount of time (in seconds) the catalog should be cached for. description: Amount of time (in seconds) the catalog should be cached for.
identity-cache-expiration:
type: int
default:
description: |
Amount of time (in seconds) user identity information should be cached
for. This impacts user information such as email and description, which
could display stale information from cache after being updated. Reducing
cache_time means more database queries so if an impact is perceived
this value should be increased. If unspecified, the default value of
600 is used.
role-cache-expiration: role-cache-expiration:
type: int type: int
default: default:

View File

@ -216,6 +216,9 @@ class KeystoneContext(context.OSContextGenerator):
ctxt['catalog_cache_expiration'] = config('catalog-cache-expiration') ctxt['catalog_cache_expiration'] = config('catalog-cache-expiration')
if config('role-cache-expiration') is not None: if config('role-cache-expiration') is not None:
ctxt['role_cache_expiration'] = config('role-cache-expiration') ctxt['role_cache_expiration'] = config('role-cache-expiration')
if config('identity-cache-expiration') is not None:
ctxt['identity_cache_expiration'] = config(
'identity-cache-expiration')
ctxt['dogpile_cache_expiration'] = config('dogpile-cache-expiration') ctxt['dogpile_cache_expiration'] = config('dogpile-cache-expiration')

View File

@ -42,11 +42,6 @@ driver = sql
cache_time = {{ catalog_cache_expiration }} cache_time = {{ catalog_cache_expiration }}
driver = sql driver = sql
{% if role_cache_expiration is not None -%}
[role]
cache_time = {{ role_cache_expiration }}
{% endif -%}
[endpoint_filter] [endpoint_filter]
[token] [token]

View File

@ -20,6 +20,9 @@ connection_recycle_time = 200
[identity] [identity]
driver = {{ identity_backend }} driver = {{ identity_backend }}
{% if identity_cache_expiration -%}
cache_time = {{ identity_cache_expiration }}
{% endif -%}
{% if default_domain_id -%} {% if default_domain_id -%}
default_domain_id = {{ default_domain_id }} default_domain_id = {{ default_domain_id }}
{% endif -%} {% endif -%}
@ -40,6 +43,11 @@ driver = sql
cache_time = {{ catalog_cache_expiration }} cache_time = {{ catalog_cache_expiration }}
driver = sql driver = sql
{% if role_cache_expiration -%}
[role]
cache_time = {{ role_cache_expiration }}
{% endif -%}
[endpoint_filter] [endpoint_filter]
[token] [token]