Browse Source

Merge "Enable memcache protection for keystone"

changes/57/441757/2
Jenkins 2 years ago
parent
commit
4a6ffd6204
2 changed files with 8 additions and 0 deletions
  1. 4
    0
      exports/keystone_authtoken.j2
  2. 4
    0
      service/files/defaults.yaml

+ 4
- 0
exports/keystone_authtoken.j2 View File

@@ -12,4 +12,8 @@ memcached_servers = {{ address("memcached", memcached.port) }}
12 12
 {% if keystone.tls.enabled %}
13 13
 cafile = /opt/ccp/etc/tls/ca.pem
14 14
 {% endif %}
15
+{% if keystone.encrypt_tokens_in_memcached.enabled %}
16
+memcache_security_strategy = ENCRYPT
17
+memcache_secret_key = {{ keystone.encrypt_tokens_in_memcached.secret_key }}
18
+{% endif %}
15 19
 {%- endmacro %}

+ 4
- 0
service/files/defaults.yaml View File

@@ -27,6 +27,10 @@ configs:
27 27
       # format can be basic or cadf:
28 28
       format: cadf
29 29
 
30
+    encrypt_tokens_in_memcached:
31
+      enabled: true
32
+      secret_key: password
33
+
30 34
   openstack:
31 35
     user_password: password
32 36
     user_name: admin

Loading…
Cancel
Save