23 lines
842 B
YAML
23 lines
842 B
YAML
---
|
|
- hosts: undercloud
|
|
vars:
|
|
metadata:
|
|
name: Verify token_flush is enabled in keystone users crontab
|
|
description: >
|
|
Without a token_flush crontab enabled for the keystone user, the
|
|
keystone database can grow very large. This validation checks that
|
|
the keystone token_flush crontab has been set up.
|
|
groups:
|
|
- pre-introspection
|
|
cron_check: "keystone-manage token_flush"
|
|
tasks:
|
|
- name: Get keystone crontab
|
|
become: true
|
|
shell: 'crontab -l -u keystone | grep -v "^#"'
|
|
register: cron_result
|
|
changed_when: False
|
|
-
|
|
name: Check keystone crontab
|
|
fail: msg="keystone token_flush does not appear to be enabled via cron. You should add '<desired interval > {{ cron_check }}' to the keystone users crontab."
|
|
failed_when: "cron_check not in cron_result.stdout"
|