From 7cba1878846d46a74a4d6c0b819c7e9b1bc510d6 Mon Sep 17 00:00:00 2001
From: Tin Lam <tin@irrational.io>
Date: Tue, 10 Apr 2018 16:04:56 -0500
Subject: [PATCH] Add LDAP pool options

This patch set adds the pool timeout to the LDAP configuration sample.
Also, puts the LDAP pool timeout to a sensible 15 seconds rather than
-1 which can cause keystone to hang due to potential LDAP instability
or unavailability.

Change-Id: I15d6b6d93811bb560e4db26490b05024617ec665
Signed-off-by: Tin Lam <tin@irrational.io>
---
 tools/overrides/keystone/ldap_domain_config.yaml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/tools/overrides/keystone/ldap_domain_config.yaml b/tools/overrides/keystone/ldap_domain_config.yaml
index b0a4481915..8109017a37 100644
--- a/tools/overrides/keystone/ldap_domain_config.yaml
+++ b/tools/overrides/keystone/ldap_domain_config.yaml
@@ -41,3 +41,12 @@ conf:
         user_mail_attribute: mail
         user_pass_attribute: userPassword
         group_tree_dn: "ou=Groups,dc=cluster,dc=local"
+        use_pool: true
+        pool_size: 27
+        pool_retry_max: 3
+        pool_retry_delay: 0.1
+        pool_connection_timeout: 15
+        pool_connection_lifetime: 600
+        use_auth_pool: true
+        auth_pool_size: 100
+        auth_pool_connection_lifetime: 60