Use memcached for token caching in neutron authtoken

Use memcached to cache token in neutron authtoken, as in-process cache, which we currently use, was already deprecated[1]. [1] Ied2b88c8cefe5655a88d0c2f334de04e588fa75a Change-Id: I8a7b01b4f16ab94fedabc20cc876b68d8cb6e04a
2019-09-08 20:21:31 +09:00 · 2019-09-08 20:21:31 +09:00 · 22eeade936
commit 22eeade936
parent 2189f6da4b
4 changed files with 116 additions and 0 deletions
--- a/manifests/profile/base/neutron/authtoken.pp
+++ b/manifests/profile/base/neutron/authtoken.pp
@ -0,0 +1,44 @@
+# Copyright 2019 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# == Class: tripleo::profile::base::neutron::authtoken
+#
+# Neutron authtoken profile for TripleO
+#
+# [*step*]
+#   (Optional) The current step in deployment. See tripleo-heat-templates
+#   for more details.
+#   Defaults to hiera('step')
+#
+# [*memcached_ips*]
+#   (Optional) Array of ipv4 or ipv6 addresses for memcache.
+#   Defaults to hiera('memcached_node_ips')
+#
+class tripleo::profile::base::neutron::authtoken (
+  $step                = Integer(hiera('step')),
+  $memcached_ips       = hiera('memcached_node_ips'),
+) {
+
+  if $step >= 3 {
+    if is_ipv6_address($memcached_ips[0]) {
+      $memcache_servers = prefix(suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211'), 'inet6:')
+    } else {
+      $memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
+    }
+
+    class { '::neutron::keystone::authtoken':
+      memcached_servers => $memcache_servers
+    }
+  }
+}
--- a/manifests/profile/base/neutron/server.pp
+++ b/manifests/profile/base/neutron/server.pp
@ -107,6 +107,7 @@ class tripleo::profile::base::neutron::server (
  }

  include ::tripleo::profile::base::neutron
+  include ::tripleo::profile::base::neutron::authtoken

  # Calculate neutron::server::l3_ha based on the number of API nodes
  # combined with if DVR is enabled.
--- a/spec/classes/tripleo_profile_base_neutron_authtoken_spec.rb
+++ b/spec/classes/tripleo_profile_base_neutron_authtoken_spec.rb
@ -0,0 +1,70 @@
+#
+# Copyright (C) 2019 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+require 'spec_helper'
+
+describe 'tripleo::profile::base::neutron::authtoken' do
+  shared_examples_for 'tripleo::profile::base::neutron::authtoken' do
+    context 'with step less than 3' do
+      let(:params) { {
+        :step => 1,
+      } }
+
+      it {
+        is_expected.to contain_class('tripleo::profile::base::neutron::authtoken')
+        is_expected.to_not contain_class('neutron::keystone::authtoken')
+      }
+    end
+
+    context 'with step 3' do
+      let(:params) { {
+        :step => 3,
+        :memcached_ips => '127.0.0.1',
+      } }
+
+      it {
+        is_expected.to contain_class('tripleo::profile::base::neutron::authtoken')
+        is_expected.to contain_class('neutron::keystone::authtoken').with(
+            :memcached_servers => ['127.0.0.1:11211'])
+      }
+    end
+
+    context 'with step 3 with ipv6' do
+      let(:params) { {
+        :step     => 3,
+        :memcached_ips => '::1',
+      } }
+
+      it {
+        is_expected.to contain_class('tripleo::profile::base::neutron::authtoken')
+        is_expected.to contain_class('neutron::keystone::authtoken').with(
+            :memcached_servers => ['[::1]:11211'])
+      }
+    end
+
+  end
+
+
+  on_supported_os.each do |os, facts|
+    context "on #{os}" do
+      let(:facts) do
+        facts.merge({ :hostname => 'node.example.com' })
+      end
+
+      it_behaves_like 'tripleo::profile::base::neutron::authtoken'
+    end
+  end
+end
--- a/spec/fixtures/hieradata/default.yaml
+++ b/spec/fixtures/hieradata/default.yaml
@ -86,6 +86,7 @@ horizon_node_names:
 - 'controller-1'
 #Neutron related
 neutron::rabbit_password: 'password'
+neutron::keystone::authtoken::password: 'password'
 # oslo.messaging related
 oslo_messaging_rpc_password: 'password'
 oslo_messaging_notify_password: 'password'