cache: Support options for memcached with SASL enabled

This introduces support for oslo.cache options to use memcached with SASL enabled. Change-Id: I2b93a4871de5320fdfcfab8f507c4c47b351d6c2
2024-02-26 09:47:52 +09:00 · 2024-02-26 09:47:52 +09:00 · ca8fc7f52b
parent aecf14ab55
commit ca8fc7f52b
3 changed files with 32 additions and 0 deletions
--- a/manifests/cache.pp
+++ b/manifests/cache.pp
@ -140,6 +140,18 @@
 #   (oslo_cache.memcache_pool backend only)
 #   Defaults to $facts['os_service_default']
 #
+# [*memcache_sasl_enabled*]
+#   (Optional) Whether SASL is enabled in memcached
+#   Defaults to $facts['os_service_default']
+#
+# [*memcache_username*]
+#   (Optional) The user name for the memcached with SASL enabled
+#   Defaults to $facts['os_service_default']
+#
+# [*memcache_password*]
+#   (Optional) The password for the memcached with SASL enabled
+#   Defaults to $facts['os_service_default']
+#
 # [*tls_enabled*]
 #   (Optional) Global toggle for TLS usage when communicating with
 #   the caching servers.
@ -231,6 +243,9 @@ define oslo::cache(
  $memcache_pool_unused_timeout         = $facts['os_service_default'],
  $memcache_pool_connection_get_timeout = $facts['os_service_default'],
  $memcache_pool_flush_on_reconnect     = $facts['os_service_default'],
+  $memcache_sasl_enabled                = $facts['os_service_default'],
+  $memcache_username                    = $facts['os_service_default'],
+  $memcache_password                    = $facts['os_service_default'],
  $tls_enabled                          = $facts['os_service_default'],
  $tls_cafile                           = $facts['os_service_default'],
  $tls_certfile                         = $facts['os_service_default'],
@ -309,6 +324,9 @@ define oslo::cache(
    'cache/memcache_pool_unused_timeout'         => { value => $memcache_pool_unused_timeout },
    'cache/memcache_pool_connection_get_timeout' => { value => $memcache_pool_connection_get_timeout },
    'cache/memcache_pool_flush_on_reconnect'     => { value => $memcache_pool_flush_on_reconnect },
+    'cache/memcache_sasl_enabled'                => { value => $memcache_sasl_enabled },
+    'cache/memcache_username'                    => { value => $memcache_username },
+    'cache/memcache_password'                    => { value => $memcache_password, secret => true },
    'cache/tls_enabled'                          => { value => $tls_enabled },
    'cache/tls_cafile'                           => { value => $tls_cafile },
    'cache/tls_certfile'                         => { value => $tls_certfile },
--- a/releasenotes/notes/cache-memcache-sasl-af31b10afe7ce93a.yaml
+++ b/releasenotes/notes/cache-memcache-sasl-af31b10afe7ce93a.yaml
@ -0,0 +1,5 @@
+---
+features:
+  - |
+    The ``oslo::cache`` defined resource type now supports options to allow
+    memcached with SASL enabled.
--- a/spec/defines/oslo_cache_spec.rb
+++ b/spec/defines/oslo_cache_spec.rb
@ -26,6 +26,9 @@ describe 'oslo::cache' do
        is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('<SERVICE DEFAULT>')
        is_expected.to contain_keystone_config('cache/memcache_pool_connection_get_timeout').with_value('<SERVICE DEFAULT>')
        is_expected.to contain_keystone_config('cache/memcache_pool_flush_on_reconnect').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_keystone_config('cache/memcache_sasl_enabled').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_keystone_config('cache/memcache_username').with_value('<SERVICE DEFAULT>')
+        is_expected.to contain_keystone_config('cache/memcache_password').with_value('<SERVICE DEFAULT>').with_secret(true)
        is_expected.to contain_keystone_config('cache/tls_enabled').with_value('<SERVICE DEFAULT>')
        is_expected.to contain_keystone_config('cache/tls_cafile').with_value('<SERVICE DEFAULT>')
        is_expected.to contain_keystone_config('cache/tls_certfile').with_value('<SERVICE DEFAULT>')
@ -61,6 +64,9 @@ describe 'oslo::cache' do
          :memcache_pool_unused_timeout         => '60',
          :memcache_pool_connection_get_timeout => '10',
          :memcache_pool_flush_on_reconnect     => false,
+          :memcache_sasl_enabled                => false,
+          :memcache_username                    => 'sasluser',
+          :memcache_password                    => 'saslpass',
          :tls_enabled                          => false,
          :tls_cafile                           => '/path/to/ssl/cafile',
          :tls_certfile                         => '/path/to/ssl/certfile',
@ -94,6 +100,9 @@ describe 'oslo::cache' do
        is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('60')
        is_expected.to contain_keystone_config('cache/memcache_pool_connection_get_timeout').with_value('10')
        is_expected.to contain_keystone_config('cache/memcache_pool_flush_on_reconnect').with_value(false)
+        is_expected.to contain_keystone_config('cache/memcache_sasl_enabled').with_value(false)
+        is_expected.to contain_keystone_config('cache/memcache_username').with_value('sasluser')
+        is_expected.to contain_keystone_config('cache/memcache_password').with_value('saslpass').with_secret(true)
        is_expected.to contain_keystone_config('cache/tls_enabled').with_value('false')
        is_expected.to contain_keystone_config('cache/tls_cafile').with_value('/path/to/ssl/cafile')
        is_expected.to contain_keystone_config('cache/tls_certfile').with_value('/path/to/ssl/certfile')