From fad5d6da2e0ef01c457ac745c80898dea4810d86 Mon Sep 17 00:00:00 2001 From: Jiri Stransky Date: Wed, 22 Jul 2015 14:23:30 +0200 Subject: Keystone token flushing Set up a cron job to flush keystone tokens periodically. The job runs once a day near midnight per puppet-keystone defaults, and we pass maxdelay 3600 which means each controller will wait a random delay of up to 1 hour before running the task. Change-Id: I351f0273c61106c182aa3945b7ad1ce8f5c7d12b --- puppet/hieradata/controller.yaml | 3 +++ puppet/manifests/overcloud_controller.pp | 4 ++++ puppet/manifests/overcloud_controller_pacemaker.pp | 2 ++ 3 files changed, 9 insertions(+) (limited to 'puppet') diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index 3cc64971..38505ff8 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -40,6 +40,9 @@ swift::proxy::authtoken::admin_tenant_name: 'service' ceilometer::api::keystone_tenant: 'service' heat::keystone_tenant: 'service' +# keystone +keystone::cron::token_flush::maxdelay: 3600 + #swift swift::proxy::pipeline: - 'catch_errors' diff --git a/puppet/manifests/overcloud_controller.pp b/puppet/manifests/overcloud_controller.pp index c9ff86c6..54524300 100644 --- a/puppet/manifests/overcloud_controller.pp +++ b/puppet/manifests/overcloud_controller.pp @@ -451,3 +451,7 @@ if hiera('step') >= 3 { hiera_include('controller_classes') } #END STEP 3 + +if hiera('step') >= 4 { + include ::keystone::cron::token_flush +} #END STEP 4 diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 480ac550..8e2075fa 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -866,6 +866,8 @@ if hiera('step') >= 3 { } #END STEP 3 if hiera('step') >= 4 { + include ::keystone::cron::token_flush + if $pacemaker_master { # Keystone -- cgit 1.2.3-korg