Use memcached for token caching in authtoken for telemetry services
Use memcached to cache token in authtoken middleware for telemetry services(gnocchi, aodh and panko), as in-process cache, which we currently use, was already deprecated[1]. [1] Ied2b88c8cefe5655a88d0c2f334de04e588fa75a Change-Id: Ib9a881ab52d44c77eeef1716cb4e9f6340735ebc
This commit is contained in:
parent
d667bad643
commit
ce42b4b096
|
@ -63,6 +63,7 @@ class tripleo::profile::base::aodh::api (
|
|||
}
|
||||
|
||||
include ::tripleo::profile::base::aodh
|
||||
include ::tripleo::profile::base::aodh::authtoken
|
||||
|
||||
if $enable_internal_tls {
|
||||
if !$aodh_network {
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
# Copyright 2019 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
# == Class: tripleo::profile::base::aodh::authtoken
|
||||
#
|
||||
# Aodh authtoken profile for TripleO
|
||||
#
|
||||
# [*step*]
|
||||
# (Optional) The current step in deployment. See tripleo-heat-templates
|
||||
# for more details.
|
||||
# Defaults to hiera('step')
|
||||
#
|
||||
# [*memcached_ips*]
|
||||
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
|
||||
# Defaults to hiera('memcached_node_ips')
|
||||
#
|
||||
class tripleo::profile::base::aodh::authtoken (
|
||||
$step = Integer(hiera('step')),
|
||||
$memcached_ips = hiera('memcached_node_ips'),
|
||||
) {
|
||||
|
||||
if $step >= 3 {
|
||||
if is_ipv6_address($memcached_ips[0]) {
|
||||
$memcache_servers = prefix(suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211'), 'inet6:')
|
||||
} else {
|
||||
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
|
||||
}
|
||||
|
||||
class { '::aodh::keystone::authtoken':
|
||||
memcached_servers => $memcache_servers
|
||||
}
|
||||
}
|
||||
}
|
|
@ -87,6 +87,7 @@ class tripleo::profile::base::gnocchi::api (
|
|||
}
|
||||
|
||||
include ::tripleo::profile::base::gnocchi
|
||||
include ::tripleo::profile::base::gnocchi::authtoken
|
||||
|
||||
if $enable_internal_tls {
|
||||
if !$gnocchi_network {
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
# Copyright 2019 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
# == Class: tripleo::profile::base::gnocchi::authtoken
|
||||
#
|
||||
# Gnocchi authtoken profile for TripleO
|
||||
#
|
||||
# [*step*]
|
||||
# (Optional) The current step in deployment. See tripleo-heat-templates
|
||||
# for more details.
|
||||
# Defaults to hiera('step')
|
||||
#
|
||||
# [*memcached_ips*]
|
||||
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
|
||||
# Defaults to hiera('memcached_node_ips')
|
||||
#
|
||||
class tripleo::profile::base::gnocchi::authtoken (
|
||||
$step = Integer(hiera('step')),
|
||||
$memcached_ips = hiera('memcached_node_ips'),
|
||||
) {
|
||||
|
||||
if $step >= 3 {
|
||||
if is_ipv6_address($memcached_ips[0]) {
|
||||
$memcache_servers = prefix(suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211'), 'inet6:')
|
||||
} else {
|
||||
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
|
||||
}
|
||||
|
||||
class { '::gnocchi::keystone::authtoken':
|
||||
memcached_servers => $memcache_servers
|
||||
}
|
||||
}
|
||||
}
|
|
@ -67,6 +67,7 @@ class tripleo::profile::base::panko::api (
|
|||
}
|
||||
|
||||
include ::tripleo::profile::base::panko
|
||||
include ::tripleo::profile::base::panko::authtoken
|
||||
|
||||
if $enable_internal_tls {
|
||||
if !$panko_network {
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
# Copyright 2019 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
# == Class: tripleo::profile::base::panko::authtoken
|
||||
#
|
||||
# Panko authtoken profile for TripleO
|
||||
#
|
||||
# [*step*]
|
||||
# (Optional) The current step in deployment. See tripleo-heat-templates
|
||||
# for more details.
|
||||
# Defaults to hiera('step')
|
||||
#
|
||||
# [*memcached_ips*]
|
||||
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
|
||||
# Defaults to hiera('memcached_node_ips')
|
||||
#
|
||||
class tripleo::profile::base::panko::authtoken (
|
||||
$step = Integer(hiera('step')),
|
||||
$memcached_ips = hiera('memcached_node_ips'),
|
||||
) {
|
||||
|
||||
if $step >= 3 {
|
||||
if is_ipv6_address($memcached_ips[0]) {
|
||||
$memcache_servers = prefix(suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211'), 'inet6:')
|
||||
} else {
|
||||
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
|
||||
}
|
||||
|
||||
class { '::panko::keystone::authtoken':
|
||||
memcached_servers => $memcache_servers
|
||||
}
|
||||
}
|
||||
}
|
|
@ -17,6 +17,11 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'tripleo::profile::base::aodh::api' do
|
||||
|
||||
before :each do
|
||||
facts.merge!({ :step => params[:step] })
|
||||
end
|
||||
|
||||
shared_examples_for 'tripleo::profile::base::aodh::api' do
|
||||
let(:pre_condition) do
|
||||
"class { '::tripleo::profile::base::aodh': step => #{params[:step]}, oslomsg_rpc_hosts => ['localhost.localdomain'] }"
|
||||
|
|
|
@ -0,0 +1,70 @@
|
|||
#
|
||||
# Copyright (C) 2019 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'tripleo::profile::base::aodh::authtoken' do
|
||||
shared_examples_for 'tripleo::profile::base::aodh::authtoken' do
|
||||
context 'with step less than 3' do
|
||||
let(:params) { {
|
||||
:step => 1,
|
||||
} }
|
||||
|
||||
it {
|
||||
is_expected.to contain_class('tripleo::profile::base::aodh::authtoken')
|
||||
is_expected.to_not contain_class('aodh::keystone::authtoken')
|
||||
}
|
||||
end
|
||||
|
||||
context 'with step 3' do
|
||||
let(:params) { {
|
||||
:step => 3,
|
||||
:memcached_ips => '127.0.0.1',
|
||||
} }
|
||||
|
||||
it {
|
||||
is_expected.to contain_class('tripleo::profile::base::aodh::authtoken')
|
||||
is_expected.to contain_class('aodh::keystone::authtoken').with(
|
||||
:memcached_servers => ['127.0.0.1:11211'])
|
||||
}
|
||||
end
|
||||
|
||||
context 'with step 3 with ipv6' do
|
||||
let(:params) { {
|
||||
:step => 3,
|
||||
:memcached_ips => '::1',
|
||||
} }
|
||||
|
||||
it {
|
||||
is_expected.to contain_class('tripleo::profile::base::aodh::authtoken')
|
||||
is_expected.to contain_class('aodh::keystone::authtoken').with(
|
||||
:memcached_servers => ['[::1]:11211'])
|
||||
}
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
|
||||
on_supported_os.each do |os, facts|
|
||||
context "on #{os}" do
|
||||
let(:facts) do
|
||||
facts.merge({ :hostname => 'node.example.com' })
|
||||
end
|
||||
|
||||
it_behaves_like 'tripleo::profile::base::aodh::authtoken'
|
||||
end
|
||||
end
|
||||
end
|
|
@ -17,6 +17,11 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'tripleo::profile::base::gnocchi::api' do
|
||||
|
||||
before :each do
|
||||
facts.merge!({ :step => params[:step] })
|
||||
end
|
||||
|
||||
shared_examples_for 'tripleo::profile::base::gnocchi::api' do
|
||||
let(:pre_condition) do
|
||||
"
|
||||
|
|
|
@ -0,0 +1,70 @@
|
|||
#
|
||||
# Copyright (C) 2019 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'tripleo::profile::base::gnocchi::authtoken' do
|
||||
shared_examples_for 'tripleo::profile::base::gnocchi::authtoken' do
|
||||
context 'with step less than 3' do
|
||||
let(:params) { {
|
||||
:step => 1,
|
||||
} }
|
||||
|
||||
it {
|
||||
is_expected.to contain_class('tripleo::profile::base::gnocchi::authtoken')
|
||||
is_expected.to_not contain_class('gnocchi::keystone::authtoken')
|
||||
}
|
||||
end
|
||||
|
||||
context 'with step 3' do
|
||||
let(:params) { {
|
||||
:step => 3,
|
||||
:memcached_ips => '127.0.0.1',
|
||||
} }
|
||||
|
||||
it {
|
||||
is_expected.to contain_class('tripleo::profile::base::gnocchi::authtoken')
|
||||
is_expected.to contain_class('gnocchi::keystone::authtoken').with(
|
||||
:memcached_servers => ['127.0.0.1:11211'])
|
||||
}
|
||||
end
|
||||
|
||||
context 'with step 3 with ipv6' do
|
||||
let(:params) { {
|
||||
:step => 3,
|
||||
:memcached_ips => '::1',
|
||||
} }
|
||||
|
||||
it {
|
||||
is_expected.to contain_class('tripleo::profile::base::gnocchi::authtoken')
|
||||
is_expected.to contain_class('gnocchi::keystone::authtoken').with(
|
||||
:memcached_servers => ['[::1]:11211'])
|
||||
}
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
|
||||
on_supported_os.each do |os, facts|
|
||||
context "on #{os}" do
|
||||
let(:facts) do
|
||||
facts.merge({ :hostname => 'node.example.com' })
|
||||
end
|
||||
|
||||
it_behaves_like 'tripleo::profile::base::gnocchi::authtoken'
|
||||
end
|
||||
end
|
||||
end
|
|
@ -0,0 +1,70 @@
|
|||
#
|
||||
# Copyright (C) 2019 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'tripleo::profile::base::panko::authtoken' do
|
||||
shared_examples_for 'tripleo::profile::base::panko::authtoken' do
|
||||
context 'with step less than 3' do
|
||||
let(:params) { {
|
||||
:step => 1,
|
||||
} }
|
||||
|
||||
it {
|
||||
is_expected.to contain_class('tripleo::profile::base::panko::authtoken')
|
||||
is_expected.to_not contain_class('panko::keystone::authtoken')
|
||||
}
|
||||
end
|
||||
|
||||
context 'with step 3' do
|
||||
let(:params) { {
|
||||
:step => 3,
|
||||
:memcached_ips => '127.0.0.1',
|
||||
} }
|
||||
|
||||
it {
|
||||
is_expected.to contain_class('tripleo::profile::base::panko::authtoken')
|
||||
is_expected.to contain_class('panko::keystone::authtoken').with(
|
||||
:memcached_servers => ['127.0.0.1:11211'])
|
||||
}
|
||||
end
|
||||
|
||||
context 'with step 3 with ipv6' do
|
||||
let(:params) { {
|
||||
:step => 3,
|
||||
:memcached_ips => '::1',
|
||||
} }
|
||||
|
||||
it {
|
||||
is_expected.to contain_class('tripleo::profile::base::panko::authtoken')
|
||||
is_expected.to contain_class('panko::keystone::authtoken').with(
|
||||
:memcached_servers => ['[::1]:11211'])
|
||||
}
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
|
||||
on_supported_os.each do |os, facts|
|
||||
context "on #{os}" do
|
||||
let(:facts) do
|
||||
facts.merge({ :hostname => 'node.example.com' })
|
||||
end
|
||||
|
||||
it_behaves_like 'tripleo::profile::base::panko::authtoken'
|
||||
end
|
||||
end
|
||||
end
|
|
@ -65,6 +65,8 @@ nova_placement_short_bootstrap_node_name: node
|
|||
nova::rabbit_password: 'password'
|
||||
nova::keystone::authtoken::password: 'password'
|
||||
nova::network::neutron::neutron_password: 'password'
|
||||
# panko related items
|
||||
panko::keystone::authtoken::password: 'password'
|
||||
# placement related items
|
||||
placement_api_short_bootstrap_node_name: node
|
||||
placement_short_bootstrap_node_name: node
|
||||
|
|
Loading…
Reference in New Issue