Deprecate keystone::token_driver

This config option in Keystone was deprecated for
removal since the Pike release and was removed in
the Rocky release.

We used this value to determine if the appropriate
memcache package was required which is causing issues
when puppet-oslo with manage_memcache_package is set to true
(default value is true).

This deprecates this parameter and removes the memcache
package installation logic which is superceeded by the
oslo::cache class since Rocky release.

Depends-On: https://review.openstack.org/#/c/632962/
Change-Id: I95a5982097529f119d99f0e7c77ac53d62da5733

manifests/init.pp

@@ -51,10 +51,6 @@
 #   Defaults to 'fernet'
 #   Supports fernet or uuid.
 #
-# [*token_driver*]
-#   (optional) Driver to use for managing tokens.
-#   Defaults to 'sql'
-#
 # [*token_expiration*]
 #   (optional) Amount of time a token should remain valid (seconds).
 #   Defaults to 3600 (1 hour).
@@ -560,6 +556,10 @@
 #   created unless enable_pki_setup is set to True.
 #   Defaults to undef
 #
+# [*token_driver*]
+#   (optional) Driver to use for managing tokens.
+#   Defaults to undef
+#
 # == Dependencies
 #  None
 #
@@ -603,7 +603,6 @@ class keystone(
   $catalog_driver                       = false,
   $catalog_template_file                = '/etc/keystone/default_catalog.templates',
   $token_provider                       = 'fernet',
-  $token_driver                         = 'sql',
   $token_expiration                     = 3600,
   $password_hash_algorithm              = $::os_service_default,
   $password_hash_rounds                 = $::os_service_default,
@@ -692,6 +691,7 @@ class keystone(
   $public_workers                       = $::os_workers,
   $paste_config                         = undef,
   $cache_dir                            = undef,
+  $token_driver                         = undef,
 ) inherits keystone::params {
 
   include ::keystone::deps
@@ -707,6 +707,10 @@ class keystone(
     warning('keystone::cache_dir is deprecated, has no effect and will be removed in a later release')
   }
 
+  if $token_driver {
+    warning('keystone::token_driver is deprecated, has no effect and will be removed in a later release')
+  }
+
   if ! $catalog_driver {
     validate_re($catalog_type, 'template|sql')
   }
@@ -776,17 +780,7 @@ admin_token will be removed in a later release")
     'DEFAULT/admin_endpoint': value => $admin_endpoint;
   }
 
-  # requirements for memcache token driver
-  if ($token_driver =~ /memcache/ ) {
-    ensure_packages('python-memcache', {
-      ensure => present,
-      name   => $::keystone::params::python_memcache_package_name,
-      tag    => ['openstack'],
-    })
-  }
-
   keystone_config {
-    'token/driver':     value => $token_driver;
     'token/expiration': value => $token_expiration;
   }
 

releasenotes/notes/remove-token_driver-fbe7964f9c58d42d.yaml

@@ -0,0 +1,14 @@
+---
+deprecations:
+  - |
+    The keystone::token_driver is now deprecated, has no effect and will
+    be removed in a future release.
+upgrade:
+  - |
+    The keystone::token_driver parameter which has had no effect that past
+    couple of releases and is now deprecated. This parameter if it was set
+    to memcache would install the appropriate python-memcache package.
+    Now that this is removed you need to ensure keystone::manage_backend_package
+    is set properly if you have caching enabled since that manages that package
+    now. The default value for manage_backend_package is true so if you don't
+    set it explicitly to false there is no change required on your part.

spec/classes/keystone_init_spec.rb

@@ -30,7 +30,6 @@ describe 'keystone' do
       'catalog_type'                       => 'sql',
       'catalog_driver'                     => false,
       'token_provider'                     => 'fernet',
-      'token_driver'                       => 'sql',
       'password_hash_algorithm'            => '<SERVICE DEFAULT>',
       'password_hash_rounds'               => '<SERVICE DEFAULT>',
       'revoke_driver'                      => 'sql',
@@ -75,7 +74,6 @@ describe 'keystone' do
       'admin_password'                     => 'admin_openstack_password',
       'catalog_type'                       => 'template',
       'token_provider'                     => 'uuid',
-      'token_driver'                       => 'kvs',
       'password_hash_algorithm'            => 'pbkdf2_sha512',
       'password_hash_rounds'               => '29000',
       'revoke_driver'                      => 'kvs',
@@ -179,10 +177,6 @@ describe 'keystone' do
       param_hash['token_provider']
     ) }
 
-    it 'should contain correct token driver' do
-      is_expected.to contain_keystone_config('token/driver').with_value(param_hash['token_driver'])
-    end
-
     it 'should contain correct revoke driver' do
       is_expected.to contain_keystone_config('revoke/driver').with_value(param_hash['revoke_driver'])
     end
@@ -420,7 +414,6 @@ describe 'keystone' do
     let :params do
       {
         'admin_token'                  => 'service_token',
-        'token_driver'                 => 'memcache',
         'cache_backend'                => 'dogpile.cache.memcached',
         'cache_backend_argument'       => ['url:SERVER1:12211'],
         'cache_memcache_servers'       => 'SERVER1:11211,SERVER2:11211',
@@ -444,24 +437,12 @@ describe 'keystone' do
     it { is_expected.to contain_keystone_config('cache/memcache_pool_maxsize').with_value('1000') }
     it { is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('60') }
     it { is_expected.to contain_keystone_config('cache/memcache_servers').with_value('SERVER1:11211,SERVER2:11211') }
-    it {
-      if facts[:os_package_type] == 'debian'
-        pkg = 'python3-memcache'
-      else
-        pkg = 'python-memcache'
-      end
-      is_expected.to contain_package('python-memcache').with(
-        :name   => pkg,
-        :ensure => 'present'
-      )
-    }
   end
 
   describe 'configure cache memcache servers if set' do
     let :params do
       {
         'admin_token'                          => 'service_token',
-        'token_driver'                         => 'noop',
         'cache_backend'                        => 'dogpile.cache.memcached',
         'cache_backend_argument'               => ['url:SERVER3:12211'],
         'cache_memcache_servers'               => [ 'SERVER1:11211', 'SERVER2:11211' ],
@@ -489,14 +470,12 @@ describe 'keystone' do
     it { is_expected.to contain_keystone_config('cache/memcache_pool_connection_get_timeout').with_value('30') }
     it { is_expected.to contain_keystone_config('cache/memcache_servers').with_value('SERVER1:11211,SERVER2:11211') }
     it { is_expected.to contain_oslo__cache('keystone_config').with_manage_backend_package(false) }
-    it { is_expected.not_to contain_package('python-memcache') }
   end
 
   describe 'configure cache enabled if set' do
     let :params do
       {
         'admin_token'                          => 'service_token',
-        'token_driver'                         => 'memcache',
         'cache_backend'                        => 'dogpile.cache.memcached',
         'cache_backend_argument'               => ['url:SERVER3:12211'],
         'cache_enabled'                        => true,
@@ -523,10 +502,6 @@ describe 'keystone' do
     it { is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('60') }
     it { is_expected.to contain_keystone_config('cache/memcache_pool_connection_get_timeout').with_value('30') }
     it { is_expected.to contain_keystone_config('cache/memcache_servers').with_value('SERVER1:11211,SERVER2:11211') }
-    it { is_expected.to contain_package('python-memcache').with(
-      :name   => 'python-memcache',
-      :ensure => 'present'
-    ) }
   end
 
   describe 'configure memcache servers with a string' do