Set rgw_keystone_revocation_interval to 0 for ceph::rgw::keystone

Ceph RGW defaults to checking every 600 seconds for a revocation. This is only useful for PKI tokens. PKI is not enabled. This check needs to be disabled. Closes-Bug: #1748137 Change-Id: I2487ce8e5cb5d3dc0d7fb8e547a4abe0e086ff4b (cherry picked from commit 9aa495d8ab)
2018-02-07 13:25:51 -05:00 · 2018-02-07 13:25:51 -05:00 · 8396e8b61e
parent 707e108842
commit 8396e8b61e
2 changed files with 21 additions and 17 deletions
--- a/manifests/profile/base/ceph/rgw.pp
+++ b/manifests/profile/base/ceph/rgw.pp
@ -77,21 +77,23 @@ class tripleo::profile::base::ceph::rgw (
  if $step >= 4 {
    if $rgw_keystone_version == 'v2.0' {
      ceph::rgw::keystone { $rgw_name:
-        rgw_keystone_accepted_roles => ['admin', '_member_', 'Member'],
-        use_pki                     => false,
-        rgw_keystone_admin_token    => $keystone_admin_token,
-        rgw_keystone_url            => $keystone_url,
-        user                        => 'ceph',
+        rgw_keystone_accepted_roles      => ['admin', '_member_', 'Member'],
+        use_pki                          => false,
+        rgw_keystone_admin_token         => $keystone_admin_token,
+        rgw_keystone_url                 => $keystone_url,
+        user                             => 'ceph',
+        rgw_keystone_revocation_interval => 0,
      }
    }
    else
    {
      ceph::rgw::keystone { $rgw_name:
-        rgw_keystone_accepted_roles => ['admin', '_member_', 'Member'],
-        use_pki                     => false,
-        rgw_keystone_url            => $keystone_url,
-        rgw_keystone_version        => $rgw_keystone_version,
-        user                        => 'ceph',
+        rgw_keystone_accepted_roles      => ['admin', '_member_', 'Member'],
+        use_pki                          => false,
+        rgw_keystone_url                 => $keystone_url,
+        rgw_keystone_version             => $rgw_keystone_version,
+        user                             => 'ceph',
+        rgw_keystone_revocation_interval => 0,
      }
    }
  }
--- a/spec/classes/tripleo_profile_base_ceph_rgw_spec.rb
+++ b/spec/classes/tripleo_profile_base_ceph_rgw_spec.rb
@ -78,10 +78,11 @@ describe 'tripleo::profile::base::ceph::rgw' do
          :inject  => true
        )
        is_expected.to contain_ceph__rgw__keystone('radosgw.gateway').with(
-          :rgw_keystone_accepted_roles => ['admin', '_member_', 'Member'],
-          :use_pki                     => false,
-          :rgw_keystone_admin_token    => 'token',
-          :rgw_keystone_url            => 'url'
+          :rgw_keystone_accepted_roles      => ['admin', '_member_', 'Member'],
+          :use_pki                          => false,
+          :rgw_keystone_admin_token         => 'token',
+          :rgw_keystone_url                 => 'url',
+          :rgw_keystone_revocation_interval => 0
        )
      end
    end
@ -90,9 +91,10 @@ describe 'tripleo::profile::base::ceph::rgw' do
      let(:params) { default_params.merge({ :step => 4, :rgw_keystone_version => 'v3' }) }
      it 'should include rgw configuration' do
        is_expected.to contain_ceph__rgw__keystone('radosgw.gateway').with(
-          :rgw_keystone_accepted_roles => ["admin", "_member_", "Member"],
-          :use_pki                     => false,
-          :rgw_keystone_url            => 'url'
+          :rgw_keystone_accepted_roles      => ["admin", "_member_", "Member"],
+          :use_pki                          => false,
+          :rgw_keystone_url                 => 'url',
+          :rgw_keystone_revocation_interval => 0
        )
      end
    end