diff options
| -rw-r--r-- | lower-constraints.txt | 2 | ||||
| -rw-r--r-- | releasenotes/notes/zookeeper-ssl-support-b9abf24a39096b62.yaml | 6 | ||||
| -rw-r--r-- | setup.cfg | 2 | ||||
| -rw-r--r-- | taskflow/utils/kazoo_utils.py | 13 | ||||
| -rw-r--r-- | test-requirements.txt | 2 |
5 files changed, 22 insertions, 3 deletions
diff --git a/lower-constraints.txt b/lower-constraints.txt index 49199c3..1e780da 100644 --- a/lower-constraints.txt +++ b/lower-constraints.txt @@ -22,7 +22,7 @@ imagesize==0.7.1 iso8601==0.1.11 Jinja2==2.10 jsonschema==2.6.0 -kazoo==2.2 +kazoo==2.6.0 keystoneauth1==3.4.0 kombu==4.0.0 linecache2==1.0.0 diff --git a/releasenotes/notes/zookeeper-ssl-support-b9abf24a39096b62.yaml b/releasenotes/notes/zookeeper-ssl-support-b9abf24a39096b62.yaml new file mode 100644 index 0000000..7f7f76f --- /dev/null +++ b/releasenotes/notes/zookeeper-ssl-support-b9abf24a39096b62.yaml @@ -0,0 +1,6 @@ +--- +features: + - | + SSL support for zookeeper backend (kazoo client). Now the following options + can be passed to zookeeper config: *keyfile*, *keyfile_password*, + *certfile*, *use_ssl*, *verify_certs*.
\ No newline at end of file @@ -57,7 +57,7 @@ taskflow.engines = # NOTE(dhellmann): The entries in this section of the file need to be # kept consistent with the entries in test-requirements.txt. zookeeper = - kazoo>=2.2 # Apache-2.0 + kazoo>=2.6.0 # Apache-2.0 zake>=0.1.6 # Apache-2.0 redis = redis>=2.10.0 # MIT diff --git a/taskflow/utils/kazoo_utils.py b/taskflow/utils/kazoo_utils.py index 6ff0ce6..2d856bd 100644 --- a/taskflow/utils/kazoo_utils.py +++ b/taskflow/utils/kazoo_utils.py @@ -175,6 +175,13 @@ def make_client(conf): - ``handler``: a kazoo handler object that can be used to provide the client with alternate async strategies (the default is `thread`_ based, but `gevent`_, or `eventlet`_ ones can be provided as needed) + - ``keyfile`` : SSL keyfile to use for authentication + - ``keyfile_password``: SSL keyfile password + - ``certfile``: SSL certfile to use for authentication + - ``ca``: SSL CA file to use for authentication + - ``use_ssl``: argument to control whether SSL is used or not + - ``verify_certs``: when using SSL, argument to bypass + certs verification .. _client: https://kazoo.readthedocs.io/en/latest/api/client.html .. _kazoo: https://kazoo.readthedocs.io/ @@ -191,6 +198,12 @@ def make_client(conf): 'read_only': bool(conf.get('read_only')), 'randomize_hosts': bool(conf.get('randomize_hosts')), 'logger': LOG, + 'keyfile': conf.get('keyfile', None), + 'keyfile_password': conf.get('keyfile_password', None), + 'certfile': conf.get('certfile', None), + 'use_ssl': conf.get('use_ssl', False), + 'verify_certs': conf.get('verify_certs', True), + } # See: https://kazoo.readthedocs.io/en/latest/api/retry.html if 'command_retry' in conf: diff --git a/test-requirements.txt b/test-requirements.txt index 7c65a15..7ad3713 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -3,7 +3,7 @@ # entries need to be kept consistent. # zookeeper -kazoo>=2.2 # Apache-2.0 +kazoo>=2.6.0 # Apache-2.0 zake>=0.1.6 # Apache-2.0 # redis |