kolla-ansible/ansible/roles/keystone/templates/fernet-node-sync.sh.j2
Michal Arbet 90fd9152a4 Use Docker healthchecks for keystone-fernet container
This change enables the use of Docker healthchecks for
the keystone-fernet container. It checks if "key 0" has
the right permissions, and if rsync is able to distribute
keys to the other keystones.

Implements: blueprint container-health-check
Change-Id: I17bea723d4109e869cd05d211f6f8e4653f46e17
2021-08-17 15:07:01 +02:00


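#!/bin/bash
# Health check and startup gate for Keystone Fernet key 0.
#
# Usage:
#   <script> --check   Exit 0 only if key 0 exists as a regular file owned by
#                      keystone:keystone; exit 1 otherwise.
#   <script>           Wait for key 0 to appear, polling once a minute for up
#                      to 10 minutes; exit 1 if it never shows up.
set -o errexit
set -o pipefail

readonly FERNET_KEY_DIR=/etc/keystone/fernet-keys
readonly FERNET_KEY_0="${FERNET_KEY_DIR}/0"

if [[ "${1:-}" == "--check" ]]; then
  # Health-check mode: key 0 must exist and belong to keystone:keystone.
  # NOTE(review): only the owner and group are compared. The mode bits are not
  # inspected, so a key file that is group- or world-readable still passes.
  # If the deployment fixes an expected mode, consider asserting it here too
  # (stat -c %a) - confirm the expected value before adding it.
  # NOTE(review): nothing in this script verifies that rsync can distribute
  # keys to other nodes; if that is required, it has to be checked elsewhere.
  if [[ ! -f "${FERNET_KEY_0}" ]]; then
    exit 1
  fi
  # A failing stat yields an empty string, which also takes the exit-1 path.
  if [[ "$(stat -c %U:%G "${FERNET_KEY_0}")" != "keystone:keystone" ]]; then
    exit 1
  fi
else
  # Ensure tokens are populated, check for 0 key which should always exist
  attempts=0
  while [[ ! -f "${FERNET_KEY_0}" ]]; do
    if (( attempts >= 10 )); then
      echo "CRITICAL: Waited for 10 minutes - failing"
      exit 1
    fi
    attempts=$(( attempts + 1 ))
    echo "ERROR: Fernet tokens have not been populated, rechecking in 1 minute"
    echo "DEBUG: /etc/keystone/fernet-keys contents:"
    # The listing is diagnostic only. Under errexit a failing ls (for example
    # when the directory is not there yet) would end the wait early, so its
    # exit status is deliberately ignored.
    ls -l "${FERNET_KEY_DIR}/" || true
    sleep 60
  done
fi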