puppet-keystone/manifests/cache.pp
Takashi Kajinami 3e8788c94e cache: Support new redis options
The oslo.cache 3.7.0 release introduced some options for redis backend
and redis sentinel backend. This introduces for these parameters.

Depneds-on: https://review.opendev.org/910629
Change-Id: Ie5e6e7b8dfa0753ccca1094f06a745fdb0acb5bc
2024-03-07 22:53:04 +09:00

318 lines
14 KiB
Puppet

#
# Module for managing keystone cache.
#
# == Parameters
#
# [*config_prefix*]
# (Optional) Prefix for building the configuration dictionary for
# the cache region. This should not need to be changed unless there
# is another dogpile.cache region with the same configuration name.
# (string value)
# Defaults to $facts['os_service_default']
#
# [*expiration_time*]
# (Optional) Default TTL, in seconds, for any cached item in the
# dogpile.cache region. This applies to any cached method that
# doesn't have an explicit cache expiration time defined for it.
# (integer value)
# Defaults to $facts['os_service_default']
#
# [*backend*]
# (Optional) Dogpile.cache backend module. It is recommended that
# Memcache with pooling (oslo_cache.memcache_pool) or Redis
# (dogpile.cache.redis) be used in production deployments. (string value)
# Defaults to $facts['os_service_default']
#
# [*backend_argument*]
# (Optional) Arguments supplied to the backend module. Specify this option
# once per argument to be passed to the dogpile.cache backend.
# Example format: "<argname>:<value>". (list value)
# Defaults to $facts['os_service_default']
#
# [*proxies*]
# (Optional) Proxy classes to import that will affect the way the
# dogpile.cache backend functions. See the dogpile.cache documentation on
# changing-backend-behavior. (list value)
# Defaults to $facts['os_service_default']
#
# [*enabled*]
# (Optional) Global toggle for caching. (boolean value)
# Defaults to $facts['os_service_default']
#
# [*debug_cache_backend*]
# (Optional) Extra debugging from the cache backend (cache keys,
# get/set/delete/etc calls). This is only really useful if you need
# to see the specific cache-backend get/set/delete calls with the keys/values.
# Typically this should be left set to false. (boolean value)
# Defaults to $facts['os_service_default']
#
# [*memcache_servers*]
# (Optional) Memcache servers in the format of "host:port".
# (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).
# (list value)
# Defaults to $facts['os_service_default']
#
# [*memcache_dead_retry*]
# (Optional) Number of seconds memcached server is considered dead before
# it is tried again. (dogpile.cache.memcache and oslo_cache.memcache_pool
# backends only). (integer value)
# Defaults to $facts['os_service_default']
#
# [*memcache_socket_timeout*]
# (Optional) Timeout in seconds for every call to a server.
# (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).
# (floating point value)
# Defaults to $facts['os_service_default']
#
# [*enable_socket_keepalive*]
# (Optional) Global toggle for the socket keepalive of dogpile's
# pymemcache backend
# Defaults to $facts['os_service_default']
#
# [*socket_keepalive_idle*]
# (Optional) The time (in seconds) the connection needs to remain idle
# before TCP starts sending keepalive probes. Should be a positive integer
# most greater than zero.
# Defaults to $facts['os_service_default']
#
# [*socket_keepalive_interval*]
# (Optional) The time (in seconds) between individual keepalive probes.
# Should be a positive integer most greater than zero.
# Defaults to $facts['os_service_default']
#
# [*socket_keepalive_count*]
# (Optional) The maximum number of keepalive probes TCP should send before
# dropping the connection. Should be a positive integer most greater than
# zero.
# Defaults to $facts['os_service_default']
#
# [*memcache_pool_maxsize*]
# (Optional) Max total number of open connections to every memcached server.
# (oslo_cache.memcache_pool backend only). (integer value)
# Defaults to $facts['os_service_default']
#
# [*memcache_pool_unused_timeout*]
# (Optional) Number of seconds a connection to memcached is held unused
# in the pool before it is closed. (oslo_cache.memcache_pool backend only)
# (integer value)
# Defaults to $facts['os_service_default']
#
# [*memcache_pool_connection_get_timeout*]
# (Optional) Number of seconds that an operation will wait to get a memcache
# client connection. (integer value)
# Defaults to $facts['os_service_default']
#
# [*memcache_pool_flush_on_reconnect*]
# (Optional) Global toggle if memcache will be flushed on reconnect.
# (oslo_cache.memcache_pool backend only)
# Defaults to $facts['os_service_default']
#
# [*memcache_sasl_enabled*]
# (Optional) Whether SASL is enabled in memcached
# Defaults to $facts['os_service_default']
#
# [*memcache_username*]
# (Optional) The user name for the memcached with SASL enabled
# Defaults to $facts['os_service_default']
#
# [*memcache_password*]
# (Optional) The password for the memcached with SASL enabled
# Defaults to $facts['os_service_default']
#
# [*redis_server*]
# (Optional) Redis server in the format of "host:port".
# Defaults to $facts['os_service_default']
#
# [*redis_username*]
# (Optional) The user name for redis
# Defaults to $facts['os_service_default']
#
# [*redis_password*]
# (Optional) The password for redis
# Defaults to $facts['os_service_default']
#
# [*redis_sentinels*]
# (Optional) Redis sentinel servers in the format of host:port
# Defaults to $facts['os_service_default']
#
# [*redis_socket_timeout*]
# (Optional) Timeout in seconds for every call to a server
# Defaults to $facts['os_service_default']
#
# [*redis_sentinel_service_name*]
# (Optional) Service name of the redis sentinel cluster.
# Defaults to $facts['os_service_default']
#
# [*token_caching*]
# (Optional) Toggle for token system caching. This has no effect unless
# cache_backend, cache_enabled and cache_memcache_servers is set.
# Default to $facts['os_service_default']
#
# [*tls_enabled*]
# (Optional) Global toggle for TLS usage when communicating with
# the caching servers.
# Default to $facts['os_service_default']
#
# [*tls_cafile*]
# (Optional) Path to a file of concatenated CA certificates in PEM
# format necessary to establish the caching server's authenticity.
# If tls_enabled is False, this option is ignored.
# Default to $facts['os_service_default']
#
# [*tls_certfile*]
# (Optional) Path to a single file in PEM format containing the
# client's certificate as well as any number of CA certificates
# needed to establish the certificate's authenticity. This file
# is only required when client side authentication is necessary.
# If tls_enabled is False, this option is ignored.
# Default to $facts['os_service_default']
#
# [*tls_keyfile*]
# (Optional) Path to a single file containing the client's private
# key in. Otherwise the private key will be taken from the file
# specified in tls_certfile. If tls_enabled is False, this option
# is ignored.
# Default to $facts['os_service_default']
#
# [*tls_allowed_ciphers*]
# (Optional) Set the available ciphers for sockets created with
# the TLS context. It should be a string in the OpenSSL cipher
# list format. If not specified, all OpenSSL enabled ciphers will
# be available.
# Default to $facts['os_service_default']
#
# [*enable_retry_client*]
# (Optional) Enable retry client mechanisms to handle failure.
# Those mechanisms can be used to wrap all kind of pymemcache
# clients. The wrapper allows you to define how many attempts
# to make and how long to wait between attempts.
# Default to $facts['os_service_default']
#
# [*retry_attempts*]
# (Optional) Number of times to attempt an action before failing.
# Default to $facts['os_service_default']
#
# [*retry_delay*]
# (Optional) Number of seconds to sleep between each attempt.
# Default to $facts['os_service_default']
#
# [*hashclient_retry_attempts*]
# (Optional) Amount of times a client should be tried
# before it is marked dead and removed from the pool in
# the HashClient's internal mechanisms.
# Default to $facts['os_service_default']
#
# [*hashclient_retry_delay*]
# (Optional) Time in seconds that should pass between
# retry attempts in the HashClient's internal mechanisms.
# Default to $facts['os_service_default']
#
# [*dead_timeout*]
# (Optional) Time in seconds before attempting to add a node
# back in the pool in the HashClient's internal mechanisms.
# Default to $facts['os_service_default']
#
# [*manage_backend_package*]
# (Optional) Whether to install the backend package for the cache.
# Defaults to true
#
class keystone::cache(
$config_prefix = $facts['os_service_default'],
$expiration_time = $facts['os_service_default'],
$backend = $facts['os_service_default'],
$backend_argument = $facts['os_service_default'],
$proxies = $facts['os_service_default'],
$enabled = $facts['os_service_default'],
$debug_cache_backend = $facts['os_service_default'],
$memcache_servers = $facts['os_service_default'],
$memcache_dead_retry = $facts['os_service_default'],
$memcache_socket_timeout = $facts['os_service_default'],
$enable_socket_keepalive = $facts['os_service_default'],
$socket_keepalive_idle = $facts['os_service_default'],
$socket_keepalive_interval = $facts['os_service_default'],
$socket_keepalive_count = $facts['os_service_default'],
$memcache_pool_maxsize = $facts['os_service_default'],
$memcache_pool_unused_timeout = $facts['os_service_default'],
$memcache_pool_connection_get_timeout = $facts['os_service_default'],
$memcache_pool_flush_on_reconnect = $facts['os_service_default'],
$memcache_sasl_enabled = $facts['os_service_default'],
$memcache_username = $facts['os_service_default'],
$memcache_password = $facts['os_service_default'],
$redis_server = $facts['os_service_default'],
$redis_username = $facts['os_service_default'],
$redis_password = $facts['os_service_default'],
$redis_sentinels = $facts['os_service_default'],
$redis_socket_timeout = $facts['os_service_default'],
$redis_sentinel_service_name = $facts['os_service_default'],
$token_caching = $facts['os_service_default'],
$tls_enabled = $facts['os_service_default'],
$tls_cafile = $facts['os_service_default'],
$tls_certfile = $facts['os_service_default'],
$tls_keyfile = $facts['os_service_default'],
$tls_allowed_ciphers = $facts['os_service_default'],
$enable_retry_client = $facts['os_service_default'],
$retry_attempts = $facts['os_service_default'],
$retry_delay = $facts['os_service_default'],
$hashclient_retry_attempts = $facts['os_service_default'],
$hashclient_retry_delay = $facts['os_service_default'],
$dead_timeout = $facts['os_service_default'],
Boolean $manage_backend_package = true,
){
include keystone::deps
if !is_service_default($memcache_servers) {
Service<| title == 'memcached' |> -> Anchor['keystone::service::begin']
}
keystone_config {
'token/caching': value => $token_caching;
}
oslo::cache { 'keystone_config':
config_prefix => $config_prefix,
expiration_time => $expiration_time,
backend => $backend,
backend_argument => $backend_argument,
proxies => $proxies,
enabled => $enabled,
debug_cache_backend => $debug_cache_backend,
memcache_servers => $memcache_servers,
memcache_dead_retry => $memcache_dead_retry,
memcache_socket_timeout => $memcache_socket_timeout,
enable_socket_keepalive => $enable_socket_keepalive,
socket_keepalive_idle => $socket_keepalive_idle,
socket_keepalive_interval => $socket_keepalive_interval,
socket_keepalive_count => $socket_keepalive_count,
memcache_pool_maxsize => $memcache_pool_maxsize,
memcache_pool_unused_timeout => $memcache_pool_unused_timeout,
memcache_pool_connection_get_timeout => $memcache_pool_connection_get_timeout,
memcache_pool_flush_on_reconnect => $memcache_pool_flush_on_reconnect,
memcache_sasl_enabled => $memcache_sasl_enabled,
memcache_username => $memcache_username,
memcache_password => $memcache_password,
redis_server => $redis_server,
redis_username => $redis_username,
redis_password => $redis_password,
redis_sentinels => $redis_sentinels,
redis_socket_timeout => $redis_socket_timeout,
redis_sentinel_service_name => $redis_sentinel_service_name,
tls_enabled => $tls_enabled,
tls_cafile => $tls_cafile,
tls_certfile => $tls_certfile,
tls_keyfile => $tls_keyfile,
tls_allowed_ciphers => $tls_allowed_ciphers,
enable_retry_client => $enable_retry_client,
retry_attempts => $retry_attempts,
retry_delay => $retry_delay,
hashclient_retry_attempts => $hashclient_retry_attempts,
hashclient_retry_delay => $hashclient_retry_delay,
dead_timeout => $dead_timeout,
manage_backend_package => $manage_backend_package,
}
# all cache settings should be applied and all packages should be installed
# before service startup
Oslo::Cache['keystone_config'] -> Anchor['keystone::service::begin']
}