We only use it in the redis driver. Switch to using
packaging.version.Version, which is good enough for the redis-py test
suite also [1].
[1] https://github.com/redis/redis-py/blob/07fc339b4a/tests/conftest.py#L199-L208
Change-Id: I42fddfde153c3293099765bf76fe07a5064b3213
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Change 4954e284b9 updated the redis
sentinel driver to apply auth/ssl settings for redis sentinel, based
on ones of redis, but this change broke the existing usage in kolla
deployments, which require redis with authentication enabled and
sentinel with authentication DISABLED.
This restores the old behavior, which do not enable authentication and
ssl for sentinel even when these for redis is enabled.
Closes-Bug: #2056656
Change-Id: I3047c80359df3dad64be041db6f4a3a6180479d6
This fixes the regression caused by [1] and ensures host and port are
removed from kwargs, to avoid conflict with underlying usages.
This also makes the current implementation consistent with taskflow.
[1] 4954e284b9
Closes-Bug: #2056429
Change-Id: Iaa5f09e8dcfff9e65853f6f89976cf4c025bc864
The socket_keepalive option in RedisClient is not an integer but
a boolean. This fixes the type to parse the options accordingly.
Note this change still keeps support for socket_keepalive=1 or
socket_keepalive=0 , but would remove support for the other integer
values such as 2 or -1.
Change-Id: I47b8628b9676f37ab5bb82b0fa9e45fcff679893
Redis client supports health checks using PING/PONG since 3.3.0[1] but
this feature was not configurable in tooz.
This adds the new health_check_interval option, which is forwarded to
Redis client, to enable that feature.
[1] f60b2b07ca
Change-Id: Icba79be1929ec460d3cb17363e701fbee7de7d76
This ensures options for redis connections are replicated to sentinel
clients, so that users can enable SSL or authentication in Redis
sentinel while they also enable these in Redis.
Closes-Bug: #2052372
Change-Id: I78727387cf8287554549ff5a99a80f3317cbd59b
The sentinel fallbacks option may include IPv6 addresses like
['[::1]:26379'], and bare split can't handle this case properly.
This ensures the parse logic distinguishes the separator of host and
port and the characters in IPv6 addresses.
Closes-Bug: #2052353
Change-Id: Ibb4d26022864ece4abf91fd2d2fd665998d80bd8
Redis introduced ACL feature in 4.0.0, and this feature is supported by
redis-py since 3.4.0[1]. When ACL is enabled, authentication requires
username in addition to password.
[1] 8df8cd54d1
Closes-Bug: #2052371
Change-Id: I9b53c3a314dcffbe49535799ba6d7a1fdddb8d84
Some of the driver tests are already placed in the 'drivers' directory,
so let's put all driver tests for better consistency.
Change-Id: I411581551b40f5315a38412e975c416bb843da55
Change bed303e9b4 introduced the ability
to set timeout without blocking, but this caused a few problems.
- The acquire method has now different arguments according to
a backend driver being used
- The change broke the existing usage with blocking=<number>
This addresses these two problems.
Change-Id: I8cefa2f4a940082d17cde43d132a818940422176
etcd changed API version from v3beta to v3alpha, then v3, and because
of transition available api versions are different according to
the etcd server available.
This change implements the mechanism to detect the current api version
according to the etcd version obtained via the version API. So that
the url without api version works regardless of the etcd server used.
Closes-Bug: #2043810
Depends-on: https://review.opendev.org/c/openstack/etcd3gw/+/901244
Change-Id: Ib81390eb73feafe08d007db1ced4d0ceb3bde212
This allows users to give ssl_ca_certs argument of redis client so that
a specific file, instead of the system global certificates, can be
used.
Closes-Bug: #2012226
Change-Id: Id7e76c35c5ce7b22a8261026fe76557d509616b3
This driver was deprecated in the 2.11.0 release[1]. The 3.2.0 release
which contains this deprecation is used in upper-constraints of
stable/2023.1 so we are ready to remove this feature now.
[1] 7ee2780af8
Change-Id: I5ca2fe43cb25b4687ace6bd21a866b74f289d628
See https://bugs.debian.org/1040271. In fact, I believe the Python
warning is right, so fixing it.
Change-Id: Ice2a90180c00d0d7a2e1f3b78d5e6222703f4acd
* Recent versions of etcd no longer support the /v3alpha/ endpoint
* It's probably better to skip directly to the /v3/ endpoint
as a default.
* Note that this probably means a new minor version of tooz, while
the behaviour can be worked around in config, this is enough to
break existing systems on upgrade.
* Updated the test to test backwards compatibility.
* Updated the tests to use etcd 3.3.27, unfortunately we need
a newer version of pifpaf that supports 3.4 before the default
api can be used.
* The etcd backend tests have been removed: the deprecated backend
uses the v2 api which is no longer provided - a future commit
should remove the deprecated backend. The etcd3gw backend is the
replacement.
This fix is required in pifpaf, but it's not in any release:
7496e5e1c3
Depends-On: https://review.opendev.org/c/openstack/devstack/+/891353
Change-Id: Ibb5e587f6b1348794b1bf4d6405bc4a32a653c2c
currently Gitea at opendev.org displays a warning about
ambiguous Unicode characters in tooz/coordination.py.
While really minor and benign, let's fix it so it does not trigger
and confuse future viewers.
Change-Id: Idbe9006e843bcedcdb98d735c49b157ab5ae6b12
The issue with current one is we try to use blocking as timeout
provider.
That make the timeout setting in mysql bound with blocking.
And the lock can't served with scenario that when we don't need timeout
blocking but still timeout required.
Change-Id: I36c80f882a91cd1c63d5a3bc2d1d8cb50f6637c6
mysql should support customize timeout when acquire lock.
Curently we only put 0, which will lead to in crush cases,
lock might releases after mysql socket timeout, which is long hrs.
Change-Id: I01aaff4af34b89fe82d985276ba356ce85a910de
Zookeeper does support TLS encryption and authentication for client
connections. There's no reason not to pass these arguments to the kazoo
to allow encrypted connections.
We bump minimum kazoo version to 2.6.0 since change implementin SSL support
has been merged with [1] and was first released with 2.6.0 tag.
[1] 35ce10669a
Change-Id: Ied29512989f477a19753afcb789e5588877fd688
since etcd3 3.5 dropped support for v3alpha and v3beta api, replacing
those with v3.
etcd3gw library supports passing api_path (v3alpha by default), but tooz
lacks such possibility and thus can not work with etcd3 3.5.
This patch adds handling of "api_version" in the options to
"ectd3+https" connection URLs (defaults to v3alpha as it is today and
corresponds to etcd3 version shipped in major LTS distros at the
moment).
Closes-Bug: #1983668
Depends-On: I49c480f573a4ba8294627a3ce730b816ded10aed
Change-Id: Ib30c1e003f261cd7e1ac6fed87167f9974bf8542
Whether 'was_deleted' was 'TRUE' or not, eventually we have to remove
self from '_acquired_locks'.
For example:
1. App #1 with coordinator 'A' wants to release lock "b"
2. 'self.coord.client.delete()' failed for some reason(.e.g,
BrokenPipeError,MemcacheUnexpectedCloseError)
3. According to the former logic,lock "b" will not remove
from "_acquired_locks", so "self.heartbeat()" will make it alive
forever until App #1 was down or lock "b" turned expired.
4. Now App #1 with coordinator 'A' wants to acquire lock "c", who
have the same lock-name with lock "b",It is clear that this will
fail and prevent the locked program from continuing to execute.
Change-Id: I6fc33b8e0a88510027bcfc30d1504489d2a91b4e
It can happen membership lease can be expired
to the moment of lease refreshing.
In this case heartbeat will try to refresh
expired lease forever without success.
The patch checks if lease expired and create new one.
Closes-Bug: 1975524
Depends-On: https://review.opendev.org/c/openstack/etcd3gw/+/843003
Change-Id: I5017724fd0134f3f0a51f059640e641dd9853ff2
Add run_watchers support to Etcd3Driver.
Raise NotImplemented during leader change watch methods
to let corresponding tests pass since only group
membership is supported
Closes-bug: #1968323
Change-Id: Ibd46a3697b59cd22f386e60d29649acc5c5cd88a
The etcd3 driver depends on the python-etcd3 [1]
library that is currently stale and no has no
active maintenance [2] with a non-working CI
that blocks all PRs.
It's also currently blocking Tooz from supporting
newer versions of tenacity [3] that a lot of
projects is now pinning because newer version of
tenacity dropped old legacy compatibility code
that has been in there for years.
We currently have etcd3gw as an alternative driver
where the library the driver depends on is a
deliverable that we maintain.
[1] https://github.com/kragniz/python-etcd3
[2] https://github.com/kragniz/python-etcd3/issues/1719
[3] https://review.opendev.org/c/openstack/tooz/+/829412
Change-Id: Iff0cd3b51cfc45ecbddc831c55267e80e9c79cac
Stephen Finucane