You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2019/01/14 14:16:00 UTC

[jira] [Commented] (AIRFLOW-3704) Support SSL Protection for CeleryExecutor When Redis is Used as Broker

    [ https://issues.apache.org/jira/browse/AIRFLOW-3704?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16742102#comment-16742102 ] 

ASF GitHub Bot commented on AIRFLOW-3704:
-----------------------------------------

XD-DENG commented on pull request #4521: [AIRFLOW-3704] Support SSL Protection When Redis is Used as Broker for CeleryExecutor
URL: https://github.com/apache/airflow/pull/4521
 
 
   ### Jira
   
     - https://issues.apache.org/jira/browse/AIRFLOW-3704
   
   
   ### Description
   
   From Celery 4.1 (current Airflow is using 4.1.1), `broker_use_ssl` argument starts to support Redis (earlier this argument is only supported when pyamqp is used for broker) (reference: http://docs.celeryproject.org/en/latest/userguide/configuration.html#broker-use-ssl).
   
   But the details are different when user is using pyaqmp or Redis.
   
   The current implementation will pass wrong arguments when user is using Redis as broker and has chosen SSL_ACTIVE = True. Two possibilities:
   - if some exception is raised, user will not be able to SSL protection when they are using Redis, even though this is already supported by Celery.
   - this may work and skip wrong configuration silently, and user may think they have set up the SSL protection while it's not working.
   
   Neither is really acceptable.
   
   This PR has enabled using SSL protection when Redis is used as broker for CeleryExecutor.
   
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Support SSL Protection for CeleryExecutor When Redis is Used as Broker
> ----------------------------------------------------------------------
>
>                 Key: AIRFLOW-3704
>                 URL: https://issues.apache.org/jira/browse/AIRFLOW-3704
>             Project: Apache Airflow
>          Issue Type: Improvement
>          Components: celery
>    Affects Versions: 1.10.1
>            Reporter: Xiaodong DENG
>            Assignee: Xiaodong DENG
>            Priority: Major
>
> From Celery 4.1 (current Airflow is using 4.1.1), "broker_use_ssl" argument starts to support Redis (earlier this argument is only supported when pyamqp is used for broker) (REF: [https://github.com/celery/celery/blob/4.1/docs/userguide/configuration.rst] ).
> But the details are different when user is using pyaqmp or Redis. The current implementation will pass wrong arguments when user is using Redis as broker & choose SSL_ACTIVE = True. Two possibilities:
> - if some exception is raised, user will not be able to SSL protection when they are using Redis, even though this is already supported by Celery.
> - this may work and skip wrong configuration silently, and user may think they have set up the SSL protection while it's not working.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)