Add support for Redis Sentinel backend
This introduces support for Redis Sentinel backend. Users can now use Redis Sentinel backend instead of Redis backend by configurations like the example below. [cache] enabled = True backend = dogpile.cache.redis_sentinel backend_argument = sentinels:192.0.2.1:6379,192.0.2.2:6379,192.0.2.3:6379 backend_argument = service_name:myservice If tls_enabled option is set to True then all the tls settings are applied for connections to Redis as well as connections to Redis Sentinel. TODO: - Add unit tests - Add a release note Change-Id: Ic3b84fe6810e08337a884c68625ccfed11665269
This commit is contained in:
parent
29e0d4f3ae
commit
cbcea94ee4
|
@ -44,6 +44,7 @@ FILE_OPTIONS = {
|
|||
'dogpile.cache.bmemcached',
|
||||
'dogpile.cache.dbm',
|
||||
'dogpile.cache.redis',
|
||||
'dogpile.cache.redis_sentinel',
|
||||
'dogpile.cache.memory',
|
||||
'dogpile.cache.memory_pickle',
|
||||
'dogpile.cache.null'],
|
||||
|
|
|
@ -100,6 +100,18 @@ class _DebugProxy(proxy.ProxyBackend):
|
|||
self.proxied.delete_multi(keys)
|
||||
|
||||
|
||||
def _parse_sentinel(sentinel):
|
||||
# IPv6 (eg. [::1]:6379 )
|
||||
match = re.search('\[(\S+)\]:(\d+)', sentinel)
|
||||
if match:
|
||||
return (match[1], int(match[2]))
|
||||
# IPv4 or hostname (eg. 127.0.0.1:6379 or localhost:6379)
|
||||
match = re.search('(\S+):(\d+)', sentinel)
|
||||
if match:
|
||||
return (match[1], int(match[2]))
|
||||
raise ValueError('Malformed sentinel host format')
|
||||
|
||||
|
||||
def _build_cache_config(conf):
|
||||
"""Build the cache region dictionary configuration.
|
||||
|
||||
|
@ -133,6 +145,19 @@ def _build_cache_config(conf):
|
|||
in ('dogpile.cache.memcached', 'oslo_cache.memcache_pool') and
|
||||
argname == 'url'):
|
||||
argvalue = argvalue.split(',')
|
||||
|
||||
if argname == 'sentinels':
|
||||
if conf.cache.backend != 'dogpile.cache.redis_sentinel':
|
||||
raise exception.ConfigurationError(
|
||||
'sentinels in backend arguments is supported only by '
|
||||
'the %s backend' % conf.cache.backend)
|
||||
try:
|
||||
argvalue = [_parse_sentinel(sentinel) for sentinel
|
||||
in argvalue.split(',')]
|
||||
except ValueError:
|
||||
raise exception.ConfigurationError(
|
||||
'Backend arguments contain malformed sentinels argument')
|
||||
|
||||
conf_dict[arg_key] = argvalue
|
||||
|
||||
_LOG.debug('Oslo Cache Config: %s', conf_dict)
|
||||
|
@ -206,7 +231,8 @@ def _build_cache_config(conf):
|
|||
tls_context.set_ciphers(conf.cache.tls_allowed_ciphers)
|
||||
|
||||
conf_dict['%s.arguments.tls_context' % prefix] = tls_context
|
||||
elif conf.cache.backend in ('dogpile.cache.redis',):
|
||||
elif conf.cache.backend in ('dogpile.cache.redis',
|
||||
'dogpile.cache.redis_sentinel'):
|
||||
if conf.cache.tls_allowed_ciphers is not None:
|
||||
raise exception.ConfigurationError(
|
||||
"Limiting allowed ciphers is not supported by "
|
||||
|
@ -216,19 +242,21 @@ def _build_cache_config(conf):
|
|||
"FIPS mode is not supported by the %s backend" %
|
||||
conf.cache.backend)
|
||||
|
||||
client_kwargs = {'ssl': True}
|
||||
c_kwargs = {'ssl': True}
|
||||
if conf.cache.tls_cafile is not None:
|
||||
_LOG.debug('Oslo Cache TLS - CA: %s', conf.cache.tls_cafile)
|
||||
client_kwargs['ssl_ca_certs'] = conf.cache.tls_cafile
|
||||
c_kwargs['ssl_ca_certs'] = conf.cache.tls_cafile
|
||||
if conf.cache.tls_certfile is not None:
|
||||
_LOG.debug('Oslo Cache TLS - cert: %s',
|
||||
conf.cache.tls_certfile)
|
||||
_LOG.debug('Oslo Cache TLS - key: %s', conf.cache.tls_keyfile)
|
||||
client_kwargs.update({
|
||||
c_kwargs.update({
|
||||
'ssl_certfile': conf.cache.tls_certfile,
|
||||
'ssl_keyfile': conf.cache.tls_keyfile
|
||||
})
|
||||
conf_dict['%s.arguments.client_kwargs' % prefix] = client_kwargs
|
||||
conf_dict['%s.arguments.client_kwargs' % prefix] = c_kwargs
|
||||
if conf.cache.backend == 'dogpile.cache.redis_sentinel':
|
||||
conf_dict['%s.arguments.sentinel_kwargs' % prefix] = c_kwargs
|
||||
else:
|
||||
msg = _(
|
||||
"TLS setting via [cache] tls_enabled is not supported by this "
|
||||
|
|
Loading…
Reference in New Issue