e8e4d500f9
It may have problems but using keystone-manage is better then having the token table grow indefinitely. Change-Id: Ie34874783c90afd7029378d4f473f336c8937c26 Fixes-bug: #1291426
30 lines
1004 B
Bash
Executable File
30 lines
1004 B
Bash
Executable File
#!/bin/sh
|
|
set -eu
|
|
|
|
KEYSTONE_DB=$(os-apply-config --key keystone.db --type dsn)
|
|
|
|
KEYSTONE_DB_TYPE=${KEYSTONE_DB%%://*}
|
|
# Use keystone-manage if not mysql or pt-archiver isn't available
|
|
# We can just call this directly if bug #1188378 is ever fixed
|
|
if [ "$KEYSTONE_DB_TYPE" != "mysql" ] || ! which pt-archiver 2> /dev/null ; then
|
|
exec keystone-manage token_flush
|
|
fi
|
|
|
|
KEYSTONE_DB_P1=${KEYSTONE_DB##mysql://}
|
|
KEYSTONE_DB_USERPASS=${KEYSTONE_DB_P1%%@*}
|
|
KEYSTONE_DB_USER=${KEYSTONE_DB_USERPASS%%:*}
|
|
KEYSTONE_DB_PASS=${KEYSTONE_DB_USERPASS##*:}
|
|
KEYSTONE_DB_P2=${KEYSTONE_DB_P1##*@}
|
|
KEYSTONE_DB_P2=${KEYSTONE_DB_P2%%\?*}
|
|
KEYSTONE_DB_HOST=${KEYSTONE_DB_P2%%/*}
|
|
KEYSTONE_DB_NAME=${KEYSTONE_DB_P2##*/}
|
|
|
|
pt-archiver --source h=$KEYSTONE_DB_HOST,u=$KEYSTONE_DB_USER,p=$KEYSTONE_DB_PASS,D=$KEYSTONE_DB_NAME,t=token \
|
|
--charset utf8 \
|
|
--where "expires < UTC_TIMESTAMP()" \
|
|
--purge \
|
|
--txn-size 500 \
|
|
--run-time 59m \
|
|
--statistics \
|
|
--primary-key-only | logger -t cleanup-keystone-tokens
|