openstack/puppet-keystone
Code Issues Proposed changes

Support tunable options for caching

Browse Source 
This adds support for a few cache related options. Note that the cache
options are exposed for multiple subsystems such as resources, but
the scope of this change is only ones related to credential data such
as token or credential.

Change-Id: I3aabdf07562ec49c5f282a43a5b4613211a76418
This commit is contained in:
Takashi Kajinami
2024-09-11 23:14:23 +09:00
parent c3c7c39e1c
commit 248a7ab64a
3 changed files with 67 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
manifests/cache.pp
View File

@@ -143,11 +143,6 @@
# (Optional) Service name of the redis sentinel cluster.
# Defaults to $facts['os_service_default']
#
# [*token_caching*]
# (Optional) Toggle for token system caching. This has no effect unless
# cache_backend, cache_enabled and cache_memcache_servers is set.
# Default to $facts['os_service_default']
#
# [*tls_enabled*]
# (Optional) Global toggle for TLS usage when communicating with
# the caching servers.
@@ -216,6 +211,35 @@
# (Optional) Whether to install the backend package for the cache.
# Defaults to true
#
# [*token_caching*]
# (Optional) Toggle for token system caching. This has no effect unless
# cache_backend, cache_enabled and cache_memcache_servers are set.
# Default to $facts['os_service_default']
#
# [*token_cache_time*]
# (Optional) The number of seconds to cache token creation and validation
# data.
# Default to $facts['os_service_default']
#
# [*credential_caching*]
# (Optional) Toggle for credential system caching. This has no effect unless
# cache_backend, cache_enabled and cache_memcache_servers are set.
# Default to $facts['os_service_default']
#
# [*credential_cache_time*]
# (Optional) Time to cache credential data in seconds.
# Default to $facts['os_service_default']
#
# [*application_credential_caching*]
# (Optional) Toggle for application credential system caching. This has no
# effect unless cache_backend, cache_enabled and cache_memcache_servers are
# set.
# Default to $facts['os_service_default']
#
# [*application_credential_cache_time*]
# (Optional) Time to cache application credential data in seconds.
# Default to $facts['os_service_default']
#
class keystone::cache(
$config_prefix = $facts['os_service_default'],
$expiration_time = $facts['os_service_default'],
@@ -244,7 +268,6 @@ class keystone::cache(
$redis_sentinels = $facts['os_service_default'],
$redis_socket_timeout = $facts['os_service_default'],
$redis_sentinel_service_name = $facts['os_service_default'],
$token_caching = $facts['os_service_default'],
$tls_enabled = $facts['os_service_default'],
$tls_cafile = $facts['os_service_default'],
$tls_certfile = $facts['os_service_default'],
@@ -256,6 +279,12 @@ class keystone::cache(
$hashclient_retry_attempts = $facts['os_service_default'],
$hashclient_retry_delay = $facts['os_service_default'],
$dead_timeout = $facts['os_service_default'],
$token_caching = $facts['os_service_default'],
$token_cache_time = $facts['os_service_default'],
$credential_caching = $facts['os_service_default'],
$credential_cache_time = $facts['os_service_default'],
$application_credential_caching = $facts['os_service_default'],
$application_credential_cache_time = $facts['os_service_default'],
Boolean $manage_backend_package = true,
){
@@ -266,7 +295,12 @@ class keystone::cache(
}
keystone_config {
'token/caching': value => $token_caching;
'token/caching': value => $token_caching;
'token/cache_time': value => $token_cache_time;
'credential/caching': value => $credential_caching;
'credential/cache_time': value => $credential_cache_time;
'application_credential/caching': value => $application_credential_caching;
'application_credential/cache_time': value => $application_credential_cache_time;
}
oslo::cache { 'keystone_config':

11
releasenotes/notes/cache-tunables-28ddc4da18fb0ca3.yaml Normal file
View File

@@ -0,0 +1,11 @@
---
features:
- |
The following new parameters have been added to the ``keystone::cache``
class.
- ``token_cache_time``
- ``credential_caching``
- ``credential_cache_time``
- ``application_credential_caching``
- ``application_credential_cache_time``

15
spec/classes/keystone_cache_spec.rb
View File

@@ -11,6 +11,11 @@ describe 'keystone::cache' do
context 'with default parameters' do
it 'configures cache' do
is_expected.to contain_keystone_config('token/caching').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('token/cache_time').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('credential/caching').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('credential/cache_time').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('application_credential/caching').with_value('<SERVICE DEFAULT>')
is_expected.to contain_keystone_config('application_credential/cache_time').with_value('<SERVICE DEFAULT>')
is_expected.to contain_oslo__cache('keystone_config').with(
:config_prefix => '<SERVICE DEFAULT>',
@@ -94,11 +99,21 @@ describe 'keystone::cache' do
:dead_timeout => 60,
:manage_backend_package => false,
:token_caching => true,
:token_cache_time => 3599,
:credential_caching => true,
:credential_cache_time => 3598,
:application_credential_caching => true,
:application_credential_cache_time => 3597,
}
end
it 'configures cache' do
is_expected.to contain_keystone_config('token/caching').with_value(true)
is_expected.to contain_keystone_config('token/cache_time').with_value(3599)
is_expected.to contain_keystone_config('credential/caching').with_value(true)
is_expected.to contain_keystone_config('credential/cache_time').with_value(3598)
is_expected.to contain_keystone_config('application_credential/caching').with_value(true)
is_expected.to contain_keystone_config('application_credential/cache_time').with_value(3597)
is_expected.to contain_oslo__cache('keystone_config').with(
:config_prefix => 'prefix',