django - 如何从 celery-django 项目安全地连接到 Azure redis?
问题描述
我正在尝试从本地 Redis 容器转换为 Azure 中的托管服务。
我知道我有正确的服务器名称和密钥,因为
redis-cli -h <server-name>.redis.cache.windows.net -p 6379 -a <azure_key>
连接。
我之前在 celery_manager.py 中的本地连接是
app = Celery(broker=redis://redis:6379)
我在启用非 ssl 端口的情况下成功更新了代理。
broker=redis://:<key>@<server-name>.redis.cache.windows.net:6379 per [this question]
我尝试将代理更新为:
broker=redis://:<key>@<server-name>.redis.cache.windows.net:6380
我在 Celery 日志中收到了这个警告:
[2020-12-03 20:54:00,491: WARNING/celery] Secure redis scheme specified (rediss) with no ssl options, defaulting to insecure SSL behaviour.
而 django-tasks 中的这个异常:
020-12-03 20:54:31,223 - INFO - runworker - Using single-threaded worker.
2020-12-03 20:54:31,224 - INFO - runworker - Running worker against channel layer default (asgi_redis.core.RedisChannelLayer)
2020-12-03 20:54:31,225 - INFO - worker - Listening on channels http.request, websocket.connect, websocket.disconnect, websocket.receive
Traceback (most recent call last):
File "/root/miniconda3/lib/python3.6/site-packages/redis/connection.py", line 185, in _read_from_socket
raise socket.error(SERVER_CLOSED_CONNECTION_ERROR)
OSError: Connection closed by server.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/src/manage.py", line 22, in <module>
execute_from_command_line(sys.argv)
File "/root/miniconda3/lib/python3.6/site-packages/django/core/management/__init__.py", line 381, in execute_from_command_line
utility.execute()
File "/root/miniconda3/lib/python3.6/site-packages/django/core/management/__init__.py", line 375, in execute
self.fetch_command(subcommand).run_from_argv(self.argv)
File "/root/miniconda3/lib/python3.6/site-packages/django/core/management/base.py", line 323, in run_from_argv
self.execute(*args, **cmd_options)
File "/root/miniconda3/lib/python3.6/site-packages/django/core/management/base.py", line 364, in execute
output = self.handle(*args, **options)
File "/root/miniconda3/lib/python3.6/site-packages/channels/management/commands/runworker.py", line 82, in handle
worker.run()
File "/root/miniconda3/lib/python3.6/site-packages/channels/worker.py", line 87, in run
channel, content = self.channel_layer.receive_many(channels, block=True)
File "/root/miniconda3/lib/python3.6/site-packages/asgi_redis/core.py", line 128, in receive_many
result = connection.blpop(list_names, timeout=self.blpop_timeout)
File "/root/miniconda3/lib/python3.6/site-packages/redis/client.py", line 1550, in blpop
return self.execute_command('BLPOP', *keys)
File "/root/miniconda3/lib/python3.6/site-packages/redis/client.py", line 772, in execute_command
connection = pool.get_connection(command_name, **options)
File "/root/miniconda3/lib/python3.6/site-packages/redis/connection.py", line 994, in get_connection
connection.connect()
File "/root/miniconda3/lib/python3.6/site-packages/redis/connection.py", line 502, in connect
self.on_connect()
File "/root/miniconda3/lib/python3.6/site-packages/redis/connection.py", line 570, in on_connect
if nativestr(self.read_response()) != 'OK':
File "/root/miniconda3/lib/python3.6/site-packages/redis/connection.py", line 637, in read_response
response = self._parser.read_response()
File "/root/miniconda3/lib/python3.6/site-packages/redis/connection.py", line 290, in read_response
response = self._buffer.readline()
File "/root/miniconda3/lib/python3.6/site-packages/redis/connection.py", line 224, in readline
self._read_from_socket()
File "/root/miniconda3/lib/python3.6/site-packages/redis/connection.py", line 199, in _read_from_socket
(e.args,))
redis.exceptions.ConnectionError: Error while reading from socket: ('Connection closed by server.',)
我看到了这个问题并添加了broker_use_ssl,但我不确定如何实际使用配置。
这并没有改变任何东西:
app = Celery(broker=redis_url, broker_use_ssl={'cert_reqs':'ssl.CERT_REQUIRED'})
我更正了上面的端口并尝试了@Stanley Gong 的建议,包括从 ssl.CERT_REQUIRED 中删除引号。但结果没有变化。
import ssl
app = Celery(broker=redis_url, broker_use_ssl={'cert_reqs':ssl.CERT_REQUIRED})
解决方案
我的工作解决方案。就我而言,redis 主机已打开Azure cache for Redis。
# settings.py
import ssl
_broker_url = f'rediss://:{REDIS_PASS}@{REDIS_HOST_PORT_URL}'
BROKER_URL = _broker_url
CELERY_RESULT_BACKEND = _broker_url
BROKER_USE_SSL={'ssl_cert_reqs': ssl.CERT_REQUIRED}
CELERY_REDIS_BACKEND_USE_SSL={'ssl_cert_reqs': ssl.CERT_REQUIRED}
请注意 redis 中的额外s内容,这是用于 ssl 连接的。
对于 celery.py 文件,一切都将保持原样,除了
# celery.py
app = Celery('appname')
我们还可以根据您的确切需求进行配置。
改变
BROKER_USE_SSL到broker_use_ssl和
CELERY_REDIS_BACKEND_USE_SSL到redis_backend_use_ssl.
然后你可以这样做
app = Celery('appname', broker_url=url, broker_use_ssl={'ssl_cert_reqs': ssl.CERT_REQUIRED})
#if needed please add configuration for result_backend same as this.
推荐阅读
- python - 如何删除图像中不需要的部分,然后使用 Python 创建一个新的小图像?
- ti-basic - 如何防止 TI-84 上的程序被转移到另一个计算器?
- dotnetnuke - 如何在 View 启动时检测 Content 的状态?
- python - 为什么我的代码不能在 Visual Studio Code 中运行?
- javascript - 如何更新我的 javascript 变量值?
- python - 如何修复 OverflowError:int64 加法中的溢出
- java - 如何在 apache_beam 的 MapElements 中动态添加字段?
- jquery - 如何使用 jQuery 在 body::before 中设置背景图像
- excel - 如何消除条件格式的以下后果?
- opencl - OpenCL 程序仅适用于 itemsize 的倍数