Merge "Add authtoken security options" into stable/train

This commit is contained in:
Zuul 2021-02-24 03:42:06 +00:00 committed by Gerrit Code Review
commit cecdba0997
16 changed files with 397 additions and 30 deletions

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::aodh::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::aodh::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+aodh")
} else {
$hashed_secret_key = undef
}
class { '::aodh::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', [])
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::barbican::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::barbican::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+barbican")
} else {
$hashed_secret_key = undef
}
class { '::barbican::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::cinder::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::cinder::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+cinder")
} else {
$hashed_secret_key = undef
}
class { '::cinder::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::designate::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::designate::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+designate")
} else {
$hashed_secret_key = undef
}
class { '::designate::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::glance::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::glance::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+glance")
} else {
$hashed_secret_key = undef
}
class { '::glance::api::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::gnocchi::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::gnocchi::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+gnocchi")
} else {
$hashed_secret_key = undef
}
class { '::gnocchi::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::heat::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::heat::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+heat")
} else {
$hashed_secret_key = undef
}
class { '::heat::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::ironic::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::ironic::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+ironic")
} else {
$hashed_secret_key = undef
}
class { '::ironic::api::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::ironic_inspector::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::ironic_inspector::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+ironic_inspector")
} else {
$hashed_secret_key = undef
}
class { '::ironic::inspector::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::manila::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::manila::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+manila")
} else {
$hashed_secret_key = undef
}
class { '::manila::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::neutron::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::neutron::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+neutron")
} else {
$hashed_secret_key = undef
}
class { '::neutron::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::nova::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::nova::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+nova")
} else {
$hashed_secret_key = undef
}
class { '::nova::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::octavia::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::octavia::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+octavia")
} else {
$hashed_secret_key = undef
}
class { '::octavia::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::panko::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::panko::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+zaqar")
} else {
$hashed_secret_key = undef
}
class { '::panko::keystone::authtoken':
memcached_servers => $memcache_servers
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -25,9 +25,25 @@
# (Optional) Array of ipv4 or ipv6 addresses for memcache.
# Defaults to hiera('memcached_node_ips')
#
# [*memcached_port*]
# (Optional) Memcached port to use.
# Defaults to hiera('memcached_authtoken_port', 11211)
#
# [*security_strategy*]
# (Optional) Memcached (authtoken) security strategy.
# Defaults to hiera('memcached_authtoken_security_strategy', undef)
#
# [*secret_key*]
# (Optional) Memcached (authtoken) secret key, used with security_strategy.
# The key is hashed with a salt, to isolate services.
# Defaults to hiera('memcached_authtoken_secret_key', undef)
#
class tripleo::profile::base::placement::authtoken (
$step = Integer(hiera('step')),
$memcached_ips = hiera('memcached_node_ips'),
$memcached_ips = hiera('memcached_node_ips', []),
$memcached_port = hiera('memcached_authtoken_port', 11211),
$security_strategy = hiera('memcached_authtoken_security_strategy', undef),
$secret_key = hiera('memcached_authtoken_secret_key', undef),
) {
if $step >= 3 {
@ -37,8 +53,16 @@ class tripleo::profile::base::placement::authtoken (
$memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211')
}
if $secret_key {
$hashed_secret_key = sha256("${secret_key}+placement")
} else {
$hashed_secret_key = undef
}
class { '::placement::keystone::authtoken':
memcached_servers => $memcache_servers,
memcache_security_strategy => $security_strategy,
memcache_secret_key => $hashed_secret_key,
}
}
}

View File

@ -0,0 +1,7 @@
---
features:
- |
Add ability to specify the memcache_security_strategy and
memcache_secret_key for keystone authtoken middleware. The keys
used by individual services are hashed with a salt (the service
name), to isolate them.