summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-03-06 10:21:56 +0000
committerGerrit Code Review <review@openstack.org>2017-03-06 10:21:56 +0000
commit4a6ffd6204d7d0e59239b17dfe37d99f27479227 (patch)
tree9a1a9c2f2480a824f28d185ba77df7ea066d2007
parent80367f32a822e5903924338c94443a2e71757af8 (diff)
parentd4f3cec629d230c4ed23b46e5057ffd8e794d3e0 (diff)
Merge "Enable memcache protection for keystone"
-rw-r--r--exports/keystone_authtoken.j24
-rw-r--r--service/files/defaults.yaml4
2 files changed, 8 insertions, 0 deletions
diff --git a/exports/keystone_authtoken.j2 b/exports/keystone_authtoken.j2
index 2d712e7..7cddfaa 100644
--- a/exports/keystone_authtoken.j2
+++ b/exports/keystone_authtoken.j2
@@ -12,4 +12,8 @@ memcached_servers = {{ address("memcached", memcached.port) }}
12{% if keystone.tls.enabled %} 12{% if keystone.tls.enabled %}
13cafile = /opt/ccp/etc/tls/ca.pem 13cafile = /opt/ccp/etc/tls/ca.pem
14{% endif %} 14{% endif %}
15{% if keystone.encrypt_tokens_in_memcached.enabled %}
16memcache_security_strategy = ENCRYPT
17memcache_secret_key = {{ keystone.encrypt_tokens_in_memcached.secret_key }}
18{% endif %}
15{%- endmacro %} 19{%- endmacro %}
diff --git a/service/files/defaults.yaml b/service/files/defaults.yaml
index 1acfdeb..550b8ee 100644
--- a/service/files/defaults.yaml
+++ b/service/files/defaults.yaml
@@ -27,6 +27,10 @@ configs:
27 # format can be basic or cadf: 27 # format can be basic or cadf:
28 format: cadf 28 format: cadf
29 29
30 encrypt_tokens_in_memcached:
31 enabled: true
32 secret_key: password
33
30 openstack: 34 openstack:
31 user_password: password 35 user_password: password
32 user_name: admin 36 user_name: admin