Add support to TLS

[moisesguimaraes]

Since version 1.5.13, Memcached supports TLS.

Motivation

At OpenStack, we use dogpile.cache as one of our oslo.cache Memcache backend drivers. To accommodate some cloud security requirements, we will need to enable TLS in Memcached as data must be encrypted in the wire in some scenarios.

I would like to help with the implementation of this if needed. I already got TLS support to python-binary-memcached, so now I'm trying to get this all the way up to oslo.cache so we can use it.

[zzzeek]

sure. doesn't oslo.cache make its own dogpile backends? maybe keystone is the one doing that.

[moisesguimaraes]

Hi @zzzeek, Keystore has been upgraded to use oslo.cache already and then oslo.cache uses dogpile.cache:

https://opendev.org/openstack/keystone/src/branch/master/releasenotes/notes/oslo.cache-a9ce47bfa8809efa.yaml

I have enabled TLS in python-binary-memcached by adding a tls_context param to their client class. The idea now is to have oslo.cache to build the tls_context object and pass it to dogpile.cache and dogpile.cache just forward it to python-binary-memcached.

Unless we encounter other setbacks this might be an easy patch.

[sqla-tester]

Moisés Guimarães de Medeiros has proposed a fix for this issue in the master branch:

Add TLS support for bmemcached https://gerrit.sqlalchemy.org/c/sqlalchemy/dogpile.cache/+/1966