openstack/puppet-tripleo
Code Issues Proposed changes

Use memcached for token caching in glance authtoken

Browse Source 
Use memcached to cache token in glance authtoken, as in-process
cache, which we currently use, was already deprecated[1].

[1] Ied2b88c8cefe5655a88d0c2f334de04e588fa75a

Change-Id: Iba9c1df73c00e5eb314cb6bc2cda06ccd6ead96f
This commit is contained in:
Takashi Kajinami 2019-09-08 20:14:46 +09:00
parent 2189f6da4b
commit 828a387ef9
4 changed files with 118 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
manifests/profile/base/glance/api.pp
View File

@ -148,6 +148,8 @@ class tripleo::profile::base::glance::api (
$sync_db = false $sync_db = false
} }
include ::tripleo::profile::base::glance::authtoken
if $step >= 4 or ($step >= 3 and $sync_db) { if $step >= 4 or ($step >= 3 and $sync_db) {
if $enable_internal_tls { if $enable_internal_tls {
if !$glance_network { if !$glance_network {

44
manifests/profile/base/glance/authtoken.pp Normal file
View File

@ -0,0 +1,44 @@
# Copyright 2019 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: tripleo::profile::base::glance::authtoken
#
# Glance authtoken profile for TripleO
#
# [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates
# for more details.
# Defaults to hiera('step')
#
# [*memcached_ips*]
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
class tripleo::profile::base::glance::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
) {
if $step >= 3 {
if is_ipv6_address($memcached_ips[0]) {
$memcache_servers = prefix(suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211'), 'inet6:')
} else {
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
class { '::glance::api::authtoken':
memcached_servers => $memcache_servers
}
}
}

70
spec/classes/tripleo_profile_base_glance_authtoken_spec.rb Normal file
View File

@ -0,0 +1,70 @@
#
# Copyright (C) 2019 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
require 'spec_helper'
describe 'tripleo::profile::base::glance::authtoken' do
shared_examples_for 'tripleo::profile::base::glance::authtoken' do
context 'with step less than 3' do
let(:params) { {
:step => 1,
} }
it {
is_expected.to contain_class('tripleo::profile::base::glance::authtoken')
is_expected.to_not contain_class('glance::api::authtoken')
}
end
context 'with step 3' do
let(:params) { {
:step => 3,
:memcached_ips => '127.0.0.1',
} }
it {
is_expected.to contain_class('tripleo::profile::base::glance::authtoken')
is_expected.to contain_class('glance::api::authtoken').with(
:memcached_servers => ['127.0.0.1:11211'])
}
end
context 'with step 3 with ipv6' do
let(:params) { {
:step => 3,
:memcached_ips => '::1',
} }
it {
is_expected.to contain_class('tripleo::profile::base::glance::authtoken')
is_expected.to contain_class('glance::api::authtoken').with(
:memcached_servers => ['[::1]:11211'])
}
end
end
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) do
facts.merge({ :hostname => 'node.example.com' })
end
it_behaves_like 'tripleo::profile::base::glance::authtoken'
end
end
end

2
spec/fixtures/hieradata/default.yaml vendored
View File

@ -39,6 +39,8 @@ cinder_volume_short_node_names:
cinder::backup::nfs::backup_share: '/mnt/backup' cinder::backup::nfs::backup_share: '/mnt/backup'
cinder::rabbit_password: 'password' cinder::rabbit_password: 'password'
cinder::keystone::authtoken::password: 'password' cinder::keystone::authtoken::password: 'password'
# glance related items
glance::api::authtoken::password: 'password'
# gnocchi related items # gnocchi related items
gnocchi_api_short_bootstrap_node_name: node gnocchi_api_short_bootstrap_node_name: node
gnocchi::keystone::authtoken::password: 'password' gnocchi::keystone::authtoken::password: 'password'