diff options
-rw-r--r-- | puppet/controller.yaml | 7 | ||||
-rw-r--r-- | puppet/hieradata/controller.yaml | 1 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller.pp | 5 | ||||
-rw-r--r-- | puppet/manifests/overcloud_controller_pacemaker.pp | 5 |
4 files changed, 16 insertions, 2 deletions
diff --git a/puppet/controller.yaml b/puppet/controller.yaml index c18dc92c..df51f43d 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -276,6 +276,11 @@ parameters: default: '' description: Keystone self-signed certificate authority certificate. type: string + KeystoneEnableDBPurge: + default: true + description: | + Whether to create cron job for purging soft deleted rows in Keystone database. + type: boolean KeystoneSigningCertificate: default: '' description: Keystone certificate for verifying token validity. @@ -943,6 +948,7 @@ resources: keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} keystone_notification_driver: {get_param: KeystoneNotificationDriver} keystone_notification_format: {get_param: KeystoneNotificationFormat} + keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge} keystone_dsn: list_join: - '' @@ -1329,6 +1335,7 @@ resources: keystone::endpoint::region: {get_input: keystone_region} keystone::admin_workers: {get_input: keystone_workers} keystone::public_workers: {get_input: keystone_workers} + keystone_enable_db_purge: {get_input: keystone_enable_db_purge} # MongoDB mongodb::server::bind_ip: {get_input: mongo_db_network} diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 1e7f9a6a..229f9a65 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -43,6 +43,7 @@ heat::keystone_tenant: 'service' keystone::cron::token_flush::maxdelay: 3600 keystone::roles::admin::service_tenant: 'service' keystone::roles::admin::admin_tenant: 'admin' +keystone::cron::token_flush::destination: '/dev/null' #swift swift::proxy::pipeline: diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index 96fdb4f6..2ea9c60d 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -592,10 +592,13 @@ if hiera('step') >= 3 { } #END STEP 3 if hiera('step') >= 4 { + $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) - include ::keystone::cron::token_flush + if $keystone_enable_db_purge { + include ::keystone::cron::token_flush + } if $nova_enable_db_purge { include ::nova::cron::archive_deleted_rows } diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 73fc6faa..691736b7 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -1012,10 +1012,13 @@ if hiera('step') >= 3 { } #END STEP 3 if hiera('step') >= 4 { + $keystone_enable_db_purge = hiera('keystone_enable_db_purge', true) $nova_enable_db_purge = hiera('nova_enable_db_purge', true) $cinder_enable_db_purge = hiera('cinder_enable_db_purge', true) - include ::keystone::cron::token_flush + if $keystone_enable_db_purge { + include ::keystone::cron::token_flush + } if $nova_enable_db_purge { include ::nova::cron::archive_deleted_rows } |