Revert "Keystone Authtoken Cache: allow universal secret key to be set"

This reverts commit 1c85fdc390e05eb578874e77fad9d4ec942da791.

Do not use randomly generated strings in configmaps as this leads to
whole helm release redeployment even no values are changed. The random
items have to be generated outside of helm chart and provided via
values.
Also previous behaviour didn't allow to use cache during rolling upgrade
as new pods were spawned with new key.

Change-Id: I423611b18fca0d65e2e721a9c6a0c3d8df0813d2
This commit is contained in:
Vasyl Saienko 2019-10-22 14:40:35 +00:00
parent 400b686f52
commit 90d070390d
34 changed files with 0 additions and 168 deletions

View File

@ -53,10 +53,6 @@ limitations under the License.
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.aodh.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.aodh.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.aodh.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.aodh.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "aodh" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.aodh.database "connection" -}}
{{- end -}}

View File

@ -468,7 +468,6 @@ conf:
keystone_authtoken:
auth_version: v3
auth_type: password
memcache_security_strategy: ENCRYPT
service_credentials:
auth_type: password
interface: internal

View File

@ -47,9 +47,6 @@ limitations under the License.
{{- if empty .Values.conf.barbican.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.barbican.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.barbican.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.barbican.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.barbican.DEFAULT.sql_connection -}}
{{- $_ := tuple "oslo_db" "internal" "barbican" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.barbican.DEFAULT "sql_connection" -}}

View File

@ -448,8 +448,6 @@ conf:
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
memcache_secret_key: null
database:
max_retries: -1
barbican_api:
@ -633,13 +631,6 @@ endpoints:
http:
default: 15672
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -28,10 +28,6 @@ limitations under the License.
{{- if empty .Values.conf.ceilometer.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.ceilometer.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.ceilometer.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.ceilometer.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.ceilometer.cache.memcache_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.ceilometer.cache "memcache_servers" -}}
{{- end -}}

View File

@ -1877,13 +1877,6 @@ endpoints:
mongodb:
default: 27017
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -47,9 +47,6 @@ limitations under the License.
{{- if empty .Values.conf.cinder.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.cinder.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.cinder.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.cinder.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "cinder" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.cinder.database "connection" -}}

View File

@ -856,7 +856,6 @@ conf:
keystone_authtoken:
auth_version: v3
auth_type: password
memcache_security_strategy: ENCRYPT
oslo_concurrency:
lock_path: "/var/lib/cinder/tmp"
oslo_messaging_notifications:
@ -1384,13 +1383,6 @@ endpoints:
http:
default: 15672
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -28,9 +28,6 @@ limitations under the License.
{{- if empty .Values.conf.congress.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.congress.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.congress.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.congress.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.congress.keystone_authtoken.auth_url -}}
{{- $_ := tuple "identity" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.congress.keystone_authtoken "auth_url" -}}

View File

@ -284,13 +284,6 @@ endpoints:
mysql:
default: 3306
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -51,10 +51,6 @@
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.designate.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.designate.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.designate.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty (index .Values.conf.designate "storage:sqlalchemy").connection -}}
{{- $_ := tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set (index .Values.conf.designate "storage:sqlalchemy") "connection" -}}
{{- $_ := tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.designate.database "connection" -}}

View File

@ -570,7 +570,6 @@ conf:
keystone_authtoken:
auth_version: v3
auth_type: password
memcache_security_strategy: ENCRYPT
logging:
loggers:
keys:

View File

@ -75,12 +75,6 @@ limitations under the License.
{{- if empty .Values.conf.glance_registry.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance_registry.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.glance.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.glance_registry.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.glance.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "glance" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.glance.database "connection" -}}

View File

@ -253,7 +253,6 @@ conf:
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
glance_store:
rbd_store_chunk_size: 8
rbd_store_replication: 3
@ -382,7 +381,6 @@ conf:
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
paste_deploy:
flavor: keystone
database:
@ -683,13 +681,6 @@ endpoints:
mysql:
default: 3306
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -70,9 +70,6 @@ limitations under the License.
{{- if empty .Values.conf.heat.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.heat.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.heat.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "heat" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.heat.database "connection" -}}

View File

@ -439,7 +439,6 @@ conf:
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
database:
max_retries: -1
trustee:
@ -951,13 +950,6 @@ endpoints:
mysql:
default: 3306
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -45,9 +45,6 @@ limitations under the License.
{{- if empty .Values.conf.ironic.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.ironic.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.ironic.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.ironic.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.ironic.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "ironic" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ironic.database "connection" -}}

View File

@ -457,13 +457,6 @@ endpoints:
mysql:
default: 3306
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -47,9 +47,6 @@ limitations under the License.
{{- if empty .Values.conf.magnum.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.magnum.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.magnum.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.magnum.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.magnum.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "magnum" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.magnum.database "connection" -}}

View File

@ -129,7 +129,6 @@ conf:
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
api:
# NOTE(portdirect): the bind port should not be defined, and is manipulated
# via the endpoints section.
@ -429,13 +428,6 @@ endpoints:
mysql:
default: 3306
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -47,9 +47,6 @@ limitations under the License.
{{- if empty .Values.conf.mistral.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.mistral.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.mistral.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.mistral.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.mistral.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "mistral" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.mistral.database "connection" -}}

View File

@ -303,13 +303,6 @@ endpoints:
http:
default: 15672
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:
@ -468,7 +461,6 @@ conf:
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
logging:
loggers:
keys:

View File

@ -49,9 +49,6 @@ limitations under the License.
{{- if empty $envAll.Values.conf.neutron.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set $envAll.Values.conf.neutron.keystone_authtoken "memcached_servers" -}}
{{- end }}
{{- if empty .Values.conf.neutron.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.neutron.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty $envAll.Values.conf.neutron.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "neutron" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set $envAll.Values.conf.neutron.database "connection" -}}

View File

@ -1813,7 +1813,6 @@ conf:
ironic:
endpoint_type: internal
keystone_authtoken:
memcache_security_strategy: ENCRYPT
auth_type: password
auth_version: v3
octavia:
@ -2136,13 +2135,6 @@ endpoints:
http:
default: 15672
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -48,9 +48,6 @@ limitations under the License.
{{- if empty .Values.conf.nova.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.nova.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.nova.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.nova.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if .Values.conf.nova.service_user.send_service_user_token -}}
@ -214,10 +211,6 @@ limitations under the License.
{{- $_ := set .Values.conf.nova.ironic "auth_version" .Values.endpoints.identity.auth.ironic.auth_version -}}
{{- end -}}
{{- if empty .Values.conf.nova.ironic.memcache_secret_key -}}
{{- $_ := (default (randAlphaNum 64) .Values.endpoints.oslo_cache.auth.memcache_secret_key) | set .Values.conf.nova.ironic "memcache_secret_key" -}}
{{- end -}}
{{- if empty .Values.conf.nova.ironic.memcache_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.nova.ironic "memcache_servers" -}}
{{- end -}}

View File

@ -1727,7 +1727,6 @@ conf:
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
service_user:
auth_type: password
send_service_user_token: false
@ -1950,13 +1949,6 @@ endpoints:
http:
default: 15672
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -49,9 +49,6 @@ limitations under the License.
{{- if empty .Values.conf.octavia.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.octavia.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.octavia.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.octavia.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.octavia.service_auth.auth_url -}}
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.octavia.service_auth "auth_url" -}}
@ -76,9 +73,6 @@ limitations under the License.
{{- if empty .Values.conf.octavia.service_auth.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.octavia.service_auth "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.octavia.service_auth.memcache_secret_key -}}
{{- $_ := set .Values.conf.octavia.service_auth "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.octavia.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "octavia" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.octavia.database "connection" -}}

View File

@ -220,7 +220,6 @@ conf:
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
certificates:
ca_private_key_passphrase: foobar
ca_private_key: /etc/octavia/certs/private/cakey.pem
@ -260,7 +259,6 @@ conf:
auth_type: password
cafile: ""
auth_version: v3
memcache_security_strategy: ENCRYPT
logging:
loggers:
keys:

View File

@ -53,10 +53,6 @@ limitations under the License.
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.panko.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.panko.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.panko.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.panko.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "panko" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.panko.database "connection" -}}
{{- end -}}

View File

@ -258,7 +258,6 @@ conf:
keystone_authtoken:
auth_version: v3
auth_type: password
memcache_security_strategy: ENCRYPT
logging:
loggers:
keys:

View File

@ -44,9 +44,6 @@ limitations under the License.
{{- if empty .Values.conf.rally.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.rally.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.rally.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.rally.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.rally.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "rally" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.rally.database "connection" -}}

View File

@ -280,9 +280,6 @@ endpoints:
mysql:
default: 3306
oslo_cache:
auth:
keystone_authtoken:
secret_key: null
hosts:
default: memcached
host_fqdn_override:

View File

@ -48,9 +48,6 @@ limitations under the License.
{{- if empty .Values.conf.senlin.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.senlin.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.senlin.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.senlin.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.senlin.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "senlin" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.senlin.database "connection" -}}

View File

@ -175,7 +175,6 @@ conf:
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
senlin_api:
# NOTE(portdirect): the bind port should not be defined, and is manipulated
# via the endpoints section.
@ -448,13 +447,6 @@ endpoints:
mysql:
default: 3306
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override: