Browse Source

Zookeeper backend SSL support

Bump kazoo version to 2.6.0 that supports SSL.

Allow to configure ssl config options via conf
* keyfile
* keyfile_password
* certfile
* use_ssl
* verify_certs

https://kazoo.readthedocs.io/en/latest/api/client.html#kazoo.client.KazooClient

This should be done in conformance with Redis
jobboard backend, that already allows SSL settings.

Change-Id: Ic2670c3c4caa93f69bc2d541c3701df2b6037d2e
tags/4.1.0^0
Ann Kamyshnikova 4 months ago
parent
commit
b46cf94a25
5 changed files with 22 additions and 3 deletions
  1. +1
    -1
      lower-constraints.txt
  2. +6
    -0
      releasenotes/notes/zookeeper-ssl-support-b9abf24a39096b62.yaml
  3. +1
    -1
      setup.cfg
  4. +13
    -0
      taskflow/utils/kazoo_utils.py
  5. +1
    -1
      test-requirements.txt

+ 1
- 1
lower-constraints.txt View File

@@ -22,7 +22,7 @@ imagesize==0.7.1
iso8601==0.1.11
Jinja2==2.10
jsonschema==2.6.0
kazoo==2.2
kazoo==2.6.0
keystoneauth1==3.4.0
kombu==4.0.0
linecache2==1.0.0


+ 6
- 0
releasenotes/notes/zookeeper-ssl-support-b9abf24a39096b62.yaml View File

@@ -0,0 +1,6 @@
---
features:
- |
SSL support for zookeeper backend (kazoo client). Now the following options
can be passed to zookeeper config: *keyfile*, *keyfile_password*,
*certfile*, *use_ssl*, *verify_certs*.

+ 1
- 1
setup.cfg View File

@@ -57,7 +57,7 @@ taskflow.engines =
# NOTE(dhellmann): The entries in this section of the file need to be
# kept consistent with the entries in test-requirements.txt.
zookeeper =
kazoo>=2.2 # Apache-2.0
kazoo>=2.6.0 # Apache-2.0
zake>=0.1.6 # Apache-2.0
redis =
redis>=2.10.0 # MIT


+ 13
- 0
taskflow/utils/kazoo_utils.py View File

@@ -175,6 +175,13 @@ def make_client(conf):
- ``handler``: a kazoo handler object that can be used to provide the
client with alternate async strategies (the default is `thread`_
based, but `gevent`_, or `eventlet`_ ones can be provided as needed)
- ``keyfile`` : SSL keyfile to use for authentication
- ``keyfile_password``: SSL keyfile password
- ``certfile``: SSL certfile to use for authentication
- ``ca``: SSL CA file to use for authentication
- ``use_ssl``: argument to control whether SSL is used or not
- ``verify_certs``: when using SSL, argument to bypass
certs verification

.. _client: https://kazoo.readthedocs.io/en/latest/api/client.html
.. _kazoo: https://kazoo.readthedocs.io/
@@ -191,6 +198,12 @@ def make_client(conf):
'read_only': bool(conf.get('read_only')),
'randomize_hosts': bool(conf.get('randomize_hosts')),
'logger': LOG,
'keyfile': conf.get('keyfile', None),
'keyfile_password': conf.get('keyfile_password', None),
'certfile': conf.get('certfile', None),
'use_ssl': conf.get('use_ssl', False),
'verify_certs': conf.get('verify_certs', True),

}
# See: https://kazoo.readthedocs.io/en/latest/api/retry.html
if 'command_retry' in conf:


+ 1
- 1
test-requirements.txt View File

@@ -3,7 +3,7 @@
# entries need to be kept consistent.

# zookeeper
kazoo>=2.2 # Apache-2.0
kazoo>=2.6.0 # Apache-2.0
zake>=0.1.6 # Apache-2.0

# redis


Loading…
Cancel
Save