-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add http proxy support for tornado #29322
Conversation
Hi @mrproper. It looks like there are a number of lint errors here. Could you please take a look? https://jenkins.saltstack.com/job/salt-pr-lint-n/11348/violations/ |
@@ -6,3 +6,4 @@ requests>=1.0.0 | |||
tornado>=4.2.1 | |||
# Required by Tornado to handle threads stuff. | |||
futures>=2.0 | |||
pycurl>=7.19.3 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to have a larger discussion here before adding another base dependency to salt.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is NO WAY we are going to add another dep, this has been a nightmare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can certainly find a comprimise here. I recommend that we keep these configuration options while issuing a warning to the user on start that the necessary libraries be installed in order to facilitate this functionality. Salt's http utility library should be made to work in either case, preferring the pycurl implementation if it is installed on the system.
…be optional unless proxy_host/port is set
Interesting, when installing salt on ubuntu, python-tornado has a dep on python-pycurl anyway. I guess this is a larger question, should we be using curl_httpclient anyway? tornado seems to recommend it over simple? I have adjusted the pr to have it as an optional dep unless you set proxy_host/port |
@mrproper, thanks for your updates. |
client_argspec = inspect.getargspec(tornado.simple_httpclient.SimpleAsyncHTTPClient.initialize) | ||
client_argspec = None | ||
|
||
proxy_host = opts.get('proxy_host', None) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
get()
will return None
by default if the lookup fails, FWIW.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is true however i was being explicit, can change in another pr if youd like
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's fine. Just an FYI in case you weren't aware. :]
@mrproper Thanks for making these changes. I think this is much improved. Adding host exclusions would be good, but let's do it in an additional PR so we can get this one merged today. Thanks for your hard work here. It's really appreciated. |
add http proxy support for tornado
thanks everyone for the comments and the quick turn around! |
@mrproper I agree with you on using curl_httpclient in all cases. Now it's a required dependency, it's recommended by the authors (http://www.tornadoweb.org/en/stable/httpclient.html) and it would make the code simpler |
It would make sense to use curl_httpclient everywhere that tornado is used, however thats up to the community to discuss a new required dependency, even though debian derivatives have it as a dep due to the debian package python-tornado, its currently not a dep on anything else not using distribution package managers (ie solely from pip etc) |
@cachedout: Which is the last stable version of salt where proxy support is not broken (afaiu: which uses libcurl instead of tornado) |
Copy http.py from this PR over a debian jessie install gave me the following problems: downloaded file has wrong checksum. checksum is always d41d8cd98f00b204e9800998ecf8427e. I use this feature mainly for archive.extracted and file managed. Downloaded file has always checksum d41d8cd98f00b204e9800998ecf8427e as said above. Here is the example output of downloading a warfile from a reposerver via proxy:
Versions:
|
@rallytime, can this be backported to 2015.5? |
I don't really want to backport this to 2015.5, but I think 2015.8 is reasonable. |
@rallytime, thanks. |
* add http proxy support for tornado * add proxy_username/password and doc for the minion * add pycurl deps for tornado * fix lint issues * remove hard coded requirements for pycurl, change curl_httpclient to be optional unless proxy_host/port is set * fix lint
the tornado backend lacks support for http proxies from environment variables.
This patch changes the client method to curl if proxies are configured (curl_httpclient is required for proxy_host and proxy_port).
This adds new minion config parameters:
proxy_host
proxy_port
I’m undecided if we should attempt to read in the environment variables for $protocol_proxy or just configure it as a parameter.
This fixes several issues where proxies are in use that use the file.managed module such as:
#23617
It works towards also resolving these issues:
#21985
#8177