Merge "Handle agent_boot_time option"
diff --git a/README.rst b/README.rst
index ea1e1ec..e9f63d0 100644
--- a/README.rst
+++ b/README.rst
@@ -1474,6 +1474,25 @@
eventletwsgi:
level: 'DEBUG'
......
+Neutron server with memcached caching and security strategy:
+
+.. code-block:: yaml
+
+ neutron:
+ server:
+ enabled: true
+ ...
+ cache:
+ engine: memcached
+ members:
+ - host: 127.0.0.1
+ port: 11211
+ - host: 127.0.0.1
+ port: 11211
+ security:
+ enabled: true
+ strategy: ENCRYPT
+ secret_key: secret
Upgrades
========
diff --git a/neutron/files/pike/neutron-server.conf b/neutron/files/pike/neutron-server.conf
index 3ba83b5..49aeff0 100644
--- a/neutron/files/pike/neutron-server.conf
+++ b/neutron/files/pike/neutron-server.conf
@@ -1017,6 +1017,14 @@
{%- endif %}
{%- if server.cache is defined %}
memcached_servers={%- for member in server.cache.members %}{{ member.host }}:11211{% if not loop.last %},{% endif %}{%- endfor %}
+ {%- if server.cache.get('security', {}).get('enabled', False) %}
+memcache_security_strategy = {{ server.cache.security.get('strategy', 'ENCRYPT') }}
+ {%- if server.cache.security.secret_key is not defined or not server.cache.security.secret_key %}
+ {%- do salt.test.exception('server.cache.security.secret_key is not defined: Please add secret_key') %}
+ {%- else %}
+memcache_secret_key = {{ server.cache.security.secret_key }}
+ {%- endif %}
+ {%- endif %}
{%- endif %}
#
# From keystonemiddleware.auth_token
diff --git a/tests/pillar/control_cluster.sls b/tests/pillar/control_cluster.sls
index fcfb79e..964f3bd 100644
--- a/tests/pillar/control_cluster.sls
+++ b/tests/pillar/control_cluster.sls
@@ -60,4 +60,16 @@
create_subnet: 'rule:admin_or_network_owner'
'get_network:queue_id': 'rule:admin_only'
'create_network:shared':
-
+ cache:
+ engine: memcached
+ members:
+ - host: 127.0.0.1
+ port: 11211
+ - host: 127.0.0.1
+ port: 11211
+ - host: 127.0.0.1
+ port: 11211
+ security:
+ enabled: true
+ strategy: ENCRYPT
+ secret_key: secret