From 852c3bd0a13d3f7715e22a0c8ca2ed3806701ed0 Mon Sep 17 00:00:00 2001
From: sayalilunkad <sayali.92720@gmail.com>
Date: Sun, 30 Nov 2014 21:09:27 +0530
Subject: [PATCH] Purges expired keystone tokens

Purges expired tokens every hour and logs the output.

Change-Id: I7fb02ab81b8583132ab8dbb74857a8015300e0f9
---
 labs/scripts/setup_keystone.sh | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/labs/scripts/setup_keystone.sh b/labs/scripts/setup_keystone.sh
index 8fcbe748..ecbf2746 100755
--- a/labs/scripts/setup_keystone.sh
+++ b/labs/scripts/setup_keystone.sh
@@ -58,6 +58,16 @@ iniset_sudo /etc/keystone/keystone.conf DEFAULT log_dir "/var/log/keystone"
 echo "Restarting keystone."
 sudo service keystone restart
 
+if ! sudo crontab -l -u keystone 2>&1 | grep token_flush; then
+    # No existing crontab entry for token_flush -- add one now.
+    echo "Adding crontab entry to purge expired tokens:"
+    cat << CRON | sudo tee -a /var/spool/cron/crontabs/keystone
+# Purges expired tokens every hour and logs the output
+@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&1
+CRON
+    echo "---------------------------------------------"
+fi
+
 #------------------------------------------------------------------------------
 # Configure keystone users, tenants and roles
 # http://docs.openstack.org/icehouse/install-guide/install/apt/content/keystone-users.html