[API] Add SSL Gearman support
New options for giving SSL key and cert file. Change-Id: I2f7fff6ad16b1e934042458d17e5d27fc53eae50
This commit is contained in:
David Shrewsbury
@@ -84,6 +84,18 @@ Command Line Options
|
|||||||
Used to specify the Gearman job server hostname and port. This option
|
Used to specify the Gearman job server hostname and port. This option
|
||||||
can be used multiple times to specify multiple job servers.
|
can be used multiple times to specify multiple job servers.
|
||||||
|
|
||||||
|
.. option:: --gearman_ssl_ca <PATH>
|
||||||
|
|
||||||
|
The path for the Gearman SSL Certificate Authority
|
||||||
|
|
||||||
|
.. option:: --gearman_ssl_cert <PATH>
|
||||||
|
|
||||||
|
The path for the Gearman SSL certificate
|
||||||
|
|
||||||
|
.. option:: --gearman_ssl_key <PATH>
|
||||||
|
|
||||||
|
The path for the Gearman SSL key
|
||||||
|
|
||||||
.. option:: --keystone_module <MODULE:CLASS>
|
.. option:: --keystone_module <MODULE:CLASS>
|
||||||
|
|
||||||
A colon separated module and class to use as the keystone authentication
|
A colon separated module and class to use as the keystone authentication
|
||||||
|
|||||||
@@ -62,7 +62,10 @@ def setup_app(pecan_config, args):
|
|||||||
'swift_endpoint': args.swift_endpoint
|
'swift_endpoint': args.swift_endpoint
|
||||||
}
|
}
|
||||||
config['gearman'] = {
|
config['gearman'] = {
|
||||||
'server': args.gearman
|
'server': args.gearman,
|
||||||
|
'ssl_key': args.gearman_ssl_key,
|
||||||
|
'ssl_cert': args.gearman_ssl_cert,
|
||||||
|
'ssl_ca': args.gearman_ssl_ca
|
||||||
}
|
}
|
||||||
if args.debug:
|
if args.debug:
|
||||||
config['wsme'] = {'debug': True}
|
config['wsme'] = {'debug': True}
|
||||||
@@ -145,6 +148,18 @@ def main():
|
|||||||
'--gearman', action='append', metavar='HOST:PORT', default=[],
|
'--gearman', action='append', metavar='HOST:PORT', default=[],
|
||||||
help='Gearman job servers'
|
help='Gearman job servers'
|
||||||
)
|
)
|
||||||
|
options.parser.add_argument(
|
||||||
|
'--gearman_ssl_ca', metavar='FILE',
|
||||||
|
help='Gearman SSL certificate authority'
|
||||||
|
)
|
||||||
|
options.parser.add_argument(
|
||||||
|
'--gearman_ssl_cert', metavar='FILE',
|
||||||
|
help='Gearman SSL certificate'
|
||||||
|
)
|
||||||
|
options.parser.add_argument(
|
||||||
|
'--gearman_ssl_key', metavar='FILE',
|
||||||
|
help='Gearman SSL key'
|
||||||
|
)
|
||||||
options.parser.add_argument(
|
options.parser.add_argument(
|
||||||
'--keystone_module',
|
'--keystone_module',
|
||||||
default='keystoneclient.middleware.auth_token:AuthProtocol',
|
default='keystoneclient.middleware.auth_token:AuthProtocol',
|
||||||
|
|||||||
@@ -54,7 +54,21 @@ class GearmanClientThread(object):
|
|||||||
self.logger = logger
|
self.logger = logger
|
||||||
self.host = host
|
self.host = host
|
||||||
self.lbid = lbid
|
self.lbid = lbid
|
||||||
self.gearman_client = JSONGearmanClient(conf.gearman.server)
|
|
||||||
|
if all([conf.gearman.ssl_key, conf.gearman.ssl_cert,
|
||||||
|
conf.gearman.ssl_ca]):
|
||||||
|
# Use SSL connections to each Gearman job server.
|
||||||
|
ssl_server_list = []
|
||||||
|
for server in conf.gearman:
|
||||||
|
ghost, gport = server.split(':')
|
||||||
|
ssl_server_list.append({'host': ghost,
|
||||||
|
'port': gport,
|
||||||
|
'keyfile': conf.gearman.ssl_key,
|
||||||
|
'certfile': conf.gearman.ssl_cert,
|
||||||
|
'ca_certs': conf.gearman.ssl_ca})
|
||||||
|
self.gearman_client = JSONGearmanClient(ssl_server_list)
|
||||||
|
else:
|
||||||
|
self.gearman_client = JSONGearmanClient(conf.gearman.server)
|
||||||
|
|
||||||
def send_delete(self, data):
|
def send_delete(self, data):
|
||||||
with db_session() as session:
|
with db_session() as session:
|
||||||
|
|||||||
Reference in New Issue
Block a user