From db35747962ff8d00ac903cd1e153f5b25a78e33a Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Thu, 19 Sep 2019 09:51:31 +0900 Subject: [PATCH] Add support to configure token caching Add a new parameter named KeystoneEnableTokenCaching to enable caching for keystone token to improve performance related to token management. Depends-on: https://review.opendev.org/#/c/683010 Change-Id: Id8b33837eebbe18417d4c349e73817aa8f660091 --- deployment/keystone/keystone-container-puppet.yaml | 6 ++++++ .../notes/keystone_token_caching-ce02411398a40420.yaml | 5 +++++ 2 files changed, 11 insertions(+) create mode 100644 releasenotes/notes/keystone_token_caching-ce02411398a40420.yaml diff --git a/deployment/keystone/keystone-container-puppet.yaml b/deployment/keystone/keystone-container-puppet.yaml index 86a15a27bf..20ae92f607 100644 --- a/deployment/keystone/keystone-container-puppet.yaml +++ b/deployment/keystone/keystone-container-puppet.yaml @@ -350,6 +350,11 @@ parameters: default: '' description: >- OAuth 2.0 introspection endpoint for mod_auth_openidc + KeystoneEnableTokenCaching: + type: boolean + default: false + description: >- + Enable token caching resources: @@ -438,6 +443,7 @@ outputs: content: {get_param: KeystoneCredential1} keystone::fernet_keys: {get_param: KeystoneFernetKeys} keystone::fernet_replace_keys: {get_param: ManageKeystoneFernetKeys} + tripleo::profile::base::keystone::enable_token_caching: {get_param: KeystoneEnableTokenCaching} keystone::logging::debug: if: - service_debug_unset diff --git a/releasenotes/notes/keystone_token_caching-ce02411398a40420.yaml b/releasenotes/notes/keystone_token_caching-ce02411398a40420.yaml new file mode 100644 index 0000000000..c0086b6c29 --- /dev/null +++ b/releasenotes/notes/keystone_token_caching-ce02411398a40420.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + A new parameter, KeystoneEnabledTokenCaching is available to enable token + caching in keystone, which is disabled by default.