diff --git a/manifests/containerreconciler.pp b/manifests/containerreconciler.pp
index be2c3ccb..21653962 100644
--- a/manifests/containerreconciler.pp
+++ b/manifests/containerreconciler.pp
@@ -47,46 +47,50 @@
 #    Defaults to $facts['os_service_default']
 #
 #  [*service_provider*]
-#    (optional)
-#    To use the swiftinit service provider to manage swift services, set
-#    service_provider to "swiftinit".  When enable is true the provider
+#    (optional) To use the swiftinit service provider to manage swift services,
+#    set service_provider to "swiftinit".  When enable is true the provider
 #    will populate boot files that start swift using swift-init at boot.
 #    See README for more details.
 #    Defaults to $::swift::params::service_provider.
 #
 #  [*memcache_servers*]
-#    (optional)
-#    A list of the memcache servers to be used. Entries should be in the
-#    form host:port. This value is only used if 'cache' is added to the
+#    (optional) A list of the memcache servers to be used. Entries should be in
+#    the form host:port. This value is only used if 'cache' is added to the
 #    pipeline,
 #    e.g. ['catch_errors', 'proxy-logging', 'cache', 'proxy-server']
 #    Defaults to ['127.0.0.1:11211']
 #
-# [*cache_tls_enabled*]
-#   (Optional) Global toggle for TLS usage when communicating with
-#   the caching servers.
-#   Defaults to $facts['os_service_default']
+#  [*cache_tls_enabled*]
+#    (optional) Global toggle for TLS usage when communicating with
+#    the caching servers.
+#    Defaults to $facts['os_service_default']
+#    Default to false
 #
-# [*cache_tls_cafile*]
-#   (Optional) Path to a file of concatenated CA certificates in PEM
-#   format necessary to establish the caching server's authenticity.
-#   If tls_enabled is False, this option is ignored.
-#   Defaults to $facts['os_service_default']
+#  [*cache_tls_cafile*]
+#    (optional) Path to a file of concatenated CA certificates in PEM
+#    format necessary to establish the caching server's authenticity.
+#    If tls_enabled is False, this option is ignored.
+#    Defaults to $facts['os_service_default']
 #
-# [*cache_tls_certfile*]
-#   (Optional) Path to a single file in PEM format containing the
-#   client's certificate as well as any number of CA certificates
-#   needed to establish the certificate's authenticity. This file
-#   is only required when client side authentication is necessary.
-#   If tls_enabled is False, this option is ignored.
-#   Defaults to $facts['os_service_default']
+#  [*cache_tls_certfile*]
+#    (optional) Path to a single file in PEM format containing the
+#    client's certificate as well as any number of CA certificates
+#    needed to establish the certificate's authenticity. This file
+#    is only required when client side authentication is necessary.
+#    If tls_enabled is False, this option is ignored.
+#    Defaults to $facts['os_service_default']
 #
-# [*cache_tls_keyfile*]
-#   (Optional) Path to a single file containing the client's private
-#   key in. Otherwise the private key will be taken from the file
-#   specified in tls_certfile. If tls_enabled is False, this option
-#   is ignored.
-#   Defaults to $facts['os_service_default']
+#  [*cache_tls_keyfile*]
+#    (optional) Path to a single file containing the client's private
+#    key in. Otherwise the private key will be taken from the file
+#    specified in tls_certfile. If tls_enabled is False, this option
+#    is ignored.
+#    Defaults to $facts['os_service_default']
+#
+#  [*purge_config*]
+#    (optional) Whether to set only the specified config options
+#    in the proxy config.
+#    Defaults to false.
 #
 class swift::containerreconciler(
   Boolean $manage_service                  = true,
@@ -105,6 +109,7 @@ class swift::containerreconciler(
   $cache_tls_cafile                        = $facts['os_service_default'],
   $cache_tls_certfile                      = $facts['os_service_default'],
   $cache_tls_keyfile                       = $facts['os_service_default'],
+  Boolean $purge_config                    = false,
 ) inherits swift::params {
 
   include swift::deps
@@ -114,6 +119,10 @@ class swift::containerreconciler(
     fail('proxy-server must be the last element in pipeline')
   }
 
+  resources { 'swift_container_reconciler_config':
+    purge => $purge_config,
+  }
+
   # only add memcache servers if 'cache' is included in the pipeline
   if !empty(grep(any2array($pipeline), 'cache')) {
 
diff --git a/manifests/init.pp b/manifests/init.pp
index 9ed7a1ff..2fe59a7b 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -27,6 +27,11 @@
 #   (Optional) The ensure state for the swift package.
 #   Defaults to present.
 #
+# [*purge_config*]
+#   (Optional) Whether to set only the specified config options in the swift
+#   config.
+#   Defaults to false.
+#
 # == Dependencies
 #
 # None
@@ -43,6 +48,7 @@ class swift(
   $swift_hash_path_suffix = $facts['os_service_default'],
   $swift_hash_path_prefix = $facts['os_service_default'],
   $package_ensure         = 'present',
+  Boolean $purge_config   = false,
 ) {
 
   include swift::deps
@@ -59,6 +65,10 @@ class swift(
     tag    => ['openstack', 'swift-package'],
   }
 
+  resources { 'swift_config':
+    purge => $purge_config,
+  }
+
   swift_config {
     'swift-hash/swift_hash_path_suffix': value => $swift_hash_path_suffix;
     'swift-hash/swift_hash_path_prefix': value => $swift_hash_path_prefix;
diff --git a/manifests/internal_client.pp b/manifests/internal_client.pp
index 4e95cd75..9dcd6d8e 100644
--- a/manifests/internal_client.pp
+++ b/manifests/internal_client.pp
@@ -45,6 +45,11 @@
 #    (optional) Configures recoverable_node_timeout for internal client.
 #    Defaults to $facts['os_service_default'].
 #
+#  [*purge_config*]
+#    (optional) Whether to set only the specified config options in
+#    the internal client config.
+#    Defaults to false.
+#
 class swift::internal_client (
   $user                      = $::swift::params::user,
   Swift::Pipeline $pipeline  = ['catch_errors', 'proxy-logging', 'cache', 'proxy-server'],
@@ -56,6 +61,7 @@ class swift::internal_client (
   $client_timeout            = $facts['os_service_default'],
   $node_timeout              = $facts['os_service_default'],
   $recoverable_node_timeout  = $facts['os_service_default'],
+  Boolean $purge_config      = false,
 ) inherits swift::params {
 
   include swift::deps
@@ -64,6 +70,10 @@ class swift::internal_client (
     fail('proxy-server must be the last element in pipeline')
   }
 
+  resources { 'swift_internal_client_config':
+    purge => $purge_config,
+  }
+
   swift_internal_client_config {
     'DEFAULT/user':                               value => $user;
     'pipeline:main/pipeline':                     value => join($pipeline, ' ');
diff --git a/manifests/memcache.pp b/manifests/memcache.pp
index 7b4489d5..3f8b89bc 100644
--- a/manifests/memcache.pp
+++ b/manifests/memcache.pp
@@ -18,42 +18,49 @@
 # === Parameters
 #
 # [*memcache_servers*]
-# You can use this single conf file instead of having memcache_servers set in
-# several other conf files under [filter:cache] for example. You can specify
-# multiple servers separated with commas, as in: 10.1.2.3:11211,10.1.2.4:11211
-# Default to ['127.0.0.1:11211']
+#  (optional) You can use this single conf file instead of having
+#  memcache_servers set in several other conf files under [filter:cache] for
+#  example. You can specify multiple servers separated with commas, as in:
+#  10.1.2.3:11211,10.1.2.4:11211
+#  Default to ['127.0.0.1:11211']
 #
 # [*memcache_serialization_support*]
-# Sets how memcache values are serialized and deserialized:
-# 0 = older, insecure pickle serialization
-# 1 = json serialization but pickles can still be read (still insecure)
-# 2 = json serialization only (secure and the default)
-# To avoid an instant full cache flush, existing installations should
-# upgrade with 0, then set to 1 and reload, then after some time (24 hours)
-# set to 2 and reload.
-# In the future, the ability to use pickle serialization will be removed.
-# Default to $facts['os_service_default']
+#  (optional) Sets how memcache values are serialized and deserialized:
+#  0 = older, insecure pickle serialization
+#  1 = json serialization but pickles can still be read (still insecure)
+#  2 = json serialization only (secure and the default)
+#  To avoid an instant full cache flush, existing installations should
+#  upgrade with 0, then set to 1 and reload, then after some time (24 hours)
+#  set to 2 and reload.
+#  In the future, the ability to use pickle serialization will be removed.
+#  Default to $facts['os_service_default']
 #
 # [*memcache_max_connections*]
-# Sets the maximum number of connections to each memcached server per worker
-# Default to $facts['os_service_default']
+#  (optional) Sets the maximum number of connections to each memcached server
+#  per worker
+#  Default to $facts['os_service_default']
 #
 # [*connect_timeout*]
-# Timeout for connection
-# Default to $facts['os_service_default']
+#  (optional) Timeout for connection
+#  Default to $facts['os_service_default']
 #
 # [*pool_timeout*]
-# Timeout for pooled connection
-# Default to $facts['os_service_default']
+#  (optional) Timeout for pooled connection
+#  Default to $facts['os_service_default']
 #
 # [*tries*]
-# number of servers to retry on failures getting a pooled connection
-# Default to $facts['os_service_default']
+#  (optional) number of servers to retry on failures getting a pooled
+#  connection
+#  Default to $facts['os_service_default']
 #
 # [*io_timeout*]
-# Timeout for read and writes
-# Default to $facts['os_service_default']
+#  (optional) Timeout for read and writes
+#  Default to $facts['os_service_default']
 #
+# [*purge_config*]
+#  (optional) Whether to set only the specified config options in the memcache
+#  config.
+#  Defaults to false.
 #
 # === Authors
 #
@@ -67,11 +74,15 @@ class swift::memcache (
   $pool_timeout                   = $facts['os_service_default'],
   $tries                          = $facts['os_service_default'],
   $io_timeout                     = $facts['os_service_default'],
+  Boolean $purge_config           = false,
 ) {
 
   include swift::deps
   include swift::params
 
+  resources { 'swift_memcache_config':
+    purge => $purge_config,
+  }
 
   file { '/etc/swift/memcache.conf':
     ensure => file,
diff --git a/manifests/objectexpirer.pp b/manifests/objectexpirer.pp
index 823b6e71..897037fa 100644
--- a/manifests/objectexpirer.pp
+++ b/manifests/objectexpirer.pp
@@ -101,6 +101,11 @@
 #    (optional) Log level
 #    Defaults to 'LOG_LOCAL2'.
 #
+#  [*purge_config*]
+#    (optional) Whether to set only the specified config options
+#    in the object expirer config.
+#    Defaults to false.
+#
 class swift::objectexpirer(
   Boolean $manage_service        = true,
   Boolean $enabled               = true,
@@ -122,6 +127,7 @@ class swift::objectexpirer(
   $cache_tls_keyfile             = $facts['os_service_default'],
   $log_level                     = 'INFO',
   $log_facility                  = 'LOG_LOCAL2',
+  Boolean $purge_config          = false,
 ) inherits swift::params {
 
   include swift::deps
@@ -137,6 +143,10 @@ class swift::objectexpirer(
     }
   }
 
+  resources { 'swift_object_expirer_config':
+    purge => $purge_config,
+  }
+
   if $pipeline[-1] != 'proxy-server' {
     fail('proxy-server must be the last element in pipeline')
   }
diff --git a/manifests/storage/server.pp b/manifests/storage/server.pp
index ff45f0bb..1239a752 100644
--- a/manifests/storage/server.pp
+++ b/manifests/storage/server.pp
@@ -49,11 +49,11 @@
 #   Defaults to undef.
 #
 # [*incoming_chmod*] Incoming chmod to set in the rsync server.
-#   Optional. Defaults to 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r'
+#   (optional) Defaults to 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r'
 #   This mask translates to 0755 for directories and 0644 for files.
 #
 # [*outgoing_chmod*] Outgoing chmod to set in the rsync server.
-#   Optional. Defaults to 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r'
+#   (optional) Defaults to 'Du=rwx,g=rx,o=rx,Fu=rw,g=r,o=r'
 #   This mask translates to 0755 for directories and 0644 for files.
 #
 # [*pipeline*]
@@ -219,6 +219,11 @@
 #   (optional) Time in seconds to wait between sharder cycles.
 #   Default to $facts['os_service_default'].
 #
+# [*purge_config*]
+#   (optional) Whether to set only the specified config options
+#   in the config file.
+#   Defaults to false.
+#
 # DEPRECATED PARAMETERS
 #
 # [*config_file_path*]
@@ -279,6 +284,7 @@ define swift::storage::server(
   $container_sharder_auto_shard                          = $facts['os_service_default'],
   $container_sharder_concurrency                         = $facts['os_service_default'],
   $container_sharder_interval                            = $facts['os_service_default'],
+  Boolean $purge_config                                  = false,
   # DEPRECATED PARAMETERS
   $config_file_path                                      = undef,
 ){
@@ -356,6 +362,10 @@ define swift::storage::server(
     before  => $required_middlewares,
   }
 
+  resources { "swift_${type}_config":
+    purge => $purge_config,
+  }
+
   # common settings
   $common_opts = {
     'DEFAULT/devices'                      => {'value'  => $devices},
diff --git a/releasenotes/notes/purge_config-1732c9ffe8979d26.yaml b/releasenotes/notes/purge_config-1732c9ffe8979d26.yaml
new file mode 100644
index 00000000..1af51a1c
--- /dev/null
+++ b/releasenotes/notes/purge_config-1732c9ffe8979d26.yaml
@@ -0,0 +1,12 @@
+---
+features:
+  - |
+    The ``purge_config`` parameter has been added to the following classes and
+    defined resource types
+
+    - ``swift``
+    - ``swift::containerreconciler``
+    - ``swift::internal_client``
+    - ``swift::memcache``
+    - ``swift::objectexpirer``
+    - ``swift::storage::server``