undercloud-tokenflush

this page last updated: 2019-07-23 10:14:29

undercloud-tokenflush¶

Role Documentation¶

Welcome to the “undercloud-tokenflush” role documentation.

Role Defaults¶

This section highlights all of the defaults and variables set within the “undercloud-tokenflush” role.

cron_check: keystone-manage token_flush

Role Variables: main.yaml¶

metadata:
  description: 'Without a token_flush crontab enabled for the keystone user, the keystone
    database can grow very large.  This validation checks that the keystone token_flush
    crontab has been set up.

    '
  groups:
  - pre-introspection
  name: Verify token_flush is enabled in keystone users crontab

Molecule Scenarios¶

Molecule is being used to test the “undercloud-tokenflush” role. The following section highlights the drivers in service and provides an example playbook showing how the role is leveraged.

Scenario: default¶

Example default configuration¶

driver:
  name: docker
lint:
  enabled: false
log: true
platforms:
- command: python -m SimpleHTTPServer 8787
  easy_install:
  - pip
  environment:
    http_proxy: '{{ lookup(''env'', ''http_proxy'') }}'
    https_proxy: '{{ lookup(''env'', ''https_proxy'') }}'
  hostname: centos7
  image: centos:7
  name: centos7
  override_command: true
  pkg_extras: python-setuptools python-enum34 python-netaddr epel-release ruby
- command: python3 -m http.server 8787
  environment:
    http_proxy: '{{ lookup(''env'', ''http_proxy'') }}'
    https_proxy: '{{ lookup(''env'', ''https_proxy'') }}'
  hostname: fedora28
  image: fedora:28
  name: fedora28
  override_command: true
  pkg_extras: python*-setuptools python*-enum python*-netaddr ruby
provisioner:
  env:
    ANSIBLE_LIBRARY: ../../../../library
    ANSIBLE_STDOUT_CALLBACK: yaml
  log: true
  name: ansible
scenario:
  test_sequence:
  - destroy
  - create
  - prepare
  - converge
  - verify
  - destroy
verifier:
  lint:
    name: flake8
  name: testinfra

Example default playbook¶

- gather_facts: false
  hosts: all
  name: Converge
  tasks:
  - include_role:
      name: undercloud-tokenflush
    name: working detection
  - block:
    - copy:
        content: '[DEFAULT]

          container_cli = docker

          '
        dest: /undercloud.conf
      name: Override container_cli
    - include_role:
        name: undercloud-tokenflush
      name: run validation
    name: Validate failure
    rescue:
    - meta: clear_host_errors
      name: Clear host errors
    - debug:
        msg: The validation works! Ending play.
      name: Test output
    - meta: end_play
      name: End play
  - fail:
      msg: 'The undercloud-tokenflush validation failed to detect

        missing cron job.

        '
    name: Fail the validation at this point