diff --git a/manifests/cache.pp b/manifests/cache.pp
index c3d39963d..63d3b2748 100644
--- a/manifests/cache.pp
+++ b/manifests/cache.pp
@@ -119,6 +119,30 @@
# (Optional) The password for the memcached with SASL enabled
# Defaults to $facts['os_service_default']
#
+# [*redis_server*]
+# (Optional) Redis server in the format of "host:port".
+# Defaults to $facts['os_service_default']
+#
+# [*redis_username*]
+# (Optional) The user name for redis
+# Defaults to $facts['os_service_default']
+#
+# [*redis_password*]
+# (Optional) The password for redis
+# Defaults to $facts['os_service_default']
+#
+# [*redis_sentinels*]
+# (Optional) Redis sentinel servers in the format of host:port
+# Defaults to $facts['os_service_default']
+#
+# [*redis_socket_timeout*]
+# (Optional) Timeout in seconds for every call to a server
+# Defaults to $facts['os_service_default']
+#
+# [*redis_sentinel_service_name*]
+# (Optional) Service name of the redis sentinel cluster.
+# Defaults to $facts['os_service_default']
+#
# [*token_caching*]
# (Optional) Toggle for token system caching. This has no effect unless
# cache_backend, cache_enabled and cache_memcache_servers is set.
@@ -214,6 +238,12 @@ class keystone::cache(
$memcache_sasl_enabled = $facts['os_service_default'],
$memcache_username = $facts['os_service_default'],
$memcache_password = $facts['os_service_default'],
+ $redis_server = $facts['os_service_default'],
+ $redis_username = $facts['os_service_default'],
+ $redis_password = $facts['os_service_default'],
+ $redis_sentinels = $facts['os_service_default'],
+ $redis_socket_timeout = $facts['os_service_default'],
+ $redis_sentinel_service_name = $facts['os_service_default'],
$token_caching = $facts['os_service_default'],
$tls_enabled = $facts['os_service_default'],
$tls_cafile = $facts['os_service_default'],
@@ -261,6 +291,12 @@ class keystone::cache(
memcache_sasl_enabled => $memcache_sasl_enabled,
memcache_username => $memcache_username,
memcache_password => $memcache_password,
+ redis_server => $redis_server,
+ redis_username => $redis_username,
+ redis_password => $redis_password,
+ redis_sentinels => $redis_sentinels,
+ redis_socket_timeout => $redis_socket_timeout,
+ redis_sentinel_service_name => $redis_sentinel_service_name,
tls_enabled => $tls_enabled,
tls_cafile => $tls_cafile,
tls_certfile => $tls_certfile,
diff --git a/releasenotes/notes/cache-redis-opts-328160577c0fd658.yaml b/releasenotes/notes/cache-redis-opts-328160577c0fd658.yaml
new file mode 100644
index 000000000..f0e36d271
--- /dev/null
+++ b/releasenotes/notes/cache-redis-opts-328160577c0fd658.yaml
@@ -0,0 +1,12 @@
+---
+features:
+ - |
+ The ``keystone::cache`` class now supports the following new options for
+ Redis backend and Redis Sentinel backend.
+
+ - ``redis_server``
+ - ``redis_username``
+ - ``redis_password``
+ - ``redis_sentinels``
+ - ``redis_socket_timeout``
+ - ``redis_sentinel_service_name``
diff --git a/spec/classes/keystone_cache_spec.rb b/spec/classes/keystone_cache_spec.rb
index 7a094a302..b2a07f7d5 100644
--- a/spec/classes/keystone_cache_spec.rb
+++ b/spec/classes/keystone_cache_spec.rb
@@ -34,6 +34,12 @@ describe 'keystone::cache' do
:memcache_sasl_enabled => '<SERVICE DEFAULT>',
:memcache_username => '<SERVICE DEFAULT>',
:memcache_password => '<SERVICE DEFAULT>',
+ :redis_server => '<SERVICE DEFAULT>',
+ :redis_username => '<SERVICE DEFAULT>',
+ :redis_password => '<SERVICE DEFAULT>',
+ :redis_sentinels => '<SERVICE DEFAULT>',
+ :redis_socket_timeout => '<SERVICE DEFAULT>',
+ :redis_sentinel_service_name => '<SERVICE DEFAULT>',
:tls_enabled => '<SERVICE DEFAULT>',
:tls_cafile => '<SERVICE DEFAULT>',
:tls_certfile => '<SERVICE DEFAULT>',
@@ -73,6 +79,12 @@ describe 'keystone::cache' do
:memcache_sasl_enabled => false,
:memcache_username => 'sasluser',
:memcache_password => 'saslpass',
+ :redis_server => 'localhost:6379',
+ :redis_username => 'redisuser',
+ :redis_password => 'redispass',
+ :redis_sentinels => ['host1:26379', 'host2:26379'],
+ :redis_socket_timeout => 1.0,
+ :redis_sentinel_service_name => 'mymaster',
:tls_enabled => false,
:enable_retry_client => false,
:retry_attempts => 2,
@@ -110,6 +122,12 @@ describe 'keystone::cache' do
:memcache_sasl_enabled => false,
:memcache_username => 'sasluser',
:memcache_password => 'saslpass',
+ :redis_server => 'localhost:6379',
+ :redis_username => 'redisuser',
+ :redis_password => 'redispass',
+ :redis_sentinels => ['host1:26379', 'host2:26379'],
+ :redis_socket_timeout => 1.0,
+ :redis_sentinel_service_name => 'mymaster',
:tls_enabled => false,
:tls_cafile => '<SERVICE DEFAULT>',
:tls_certfile => '<SERVICE DEFAULT>',