Merge branch 'release/v3.5.7'

elastichq/config/settings.py

@@ -62,7 +62,7 @@ class TestSettings(BaseSettings):
     # static
     HQ_SITE_URL = 'http://elastichq.org'
     HQ_GH_URL = 'https://github.com/ElasticHQ/elasticsearch-HQ'
-    API_VERSION = 'v3.5.6'
+    API_VERSION = 'v3.5.7'
 
     ES_TEST_INDEX_NAME = 'cars'
 
@@ -105,7 +105,7 @@ class ProdSettings(BaseSettings):
     # static
     HQ_SITE_URL = 'http://elastichq.org'
     HQ_GH_URL = 'https://github.com/ElasticHQ/elasticsearch-HQ'
-    API_VERSION = '3.5.6'
+    API_VERSION = '3.5.7'
     SERVER_NAME = None
 
     # cluster settings: specific settings for each cluster and how HQ should handle it.

elastichq/service/ConnectionService.py

@@ -38,20 +38,25 @@ def ping(self, ip, port, scheme='http'):
     def create_connection(self, ip, port, scheme='http', username=None, password=None, fail_on_exception=False,
                           enable_ssl=False, ca_certs=None, verify_certs=True, client_cert=None, client_key=None):
         """
-        Creates a connection with a cluster and place the connection inside of a connection pool, using the cluster_name as an alias.
+        Creates a connection with a cluster and place the connection inside of a connection pool, using the
+        cluster_name as an alias.
         :param client_cert:
         :param client_key:
         :param verify_certs:
         :param ip:
         :param port: 
         :param scheme:
         :param fail_on_exception: If we should raise an exception on a failed connection
-        :param ca_certs: Frome the requests docs: "verify: (optional) Either a boolean, in which case it controls whether we verify
+        :param ca_certs: Frome the requests docs: "verify: (optional) Either a boolean, in which case it controls
+        whether we verify
             the server's TLS certificate, or a string, in which case it must be a path
             to a CA bundle to use. Defaults to ``True``."
         :return:
         """
         try:
+            LOG.info('Verify: ' + str(verify_certs))
+            LOG.info('Cert File: ' + str(ca_certs))
+
             is_basic_auth = False
 
             # clean the params
@@ -64,13 +69,19 @@ def create_connection(self, ip, port, scheme='http', username=None, password=Non
 
             client_cert_credentials = None if client_cert is None or client_key is None else (client_cert, client_key)
 
-            # determine version first
             if is_basic_auth is True:
                 LOG.info("Basic Auth is True")
                 if enable_ssl:
                     LOG.info("SSL enabled")
-                    response = requests.get(scheme + "://" + ip + ":" + port, auth=(username, password),
-                                            timeout=REQUEST_TIMEOUT, verify=ca_certs, cert=client_cert_credentials)
+                    if verify_certs is False:
+                        LOG.info("Verify Certs is False")
+                        response = requests.get(scheme + "://" + ip + ":" + port, auth=(username, password),
+                                                timeout=REQUEST_TIMEOUT, verify=verify_certs,
+                                                cert=client_cert_credentials)
+                    else:
+                        LOG.info("Verify Certs is True")
+                        response = requests.get(scheme + "://" + ip + ":" + port, auth=(username, password),
+                                                timeout=REQUEST_TIMEOUT, verify=ca_certs, cert=client_cert_credentials)
                 else:
                     LOG.info("SSL disabled")
                     response = requests.get(scheme + "://" + ip + ":" + port, auth=(username, password),
@@ -79,13 +90,21 @@ def create_connection(self, ip, port, scheme='http', username=None, password=Non
                 LOG.info("Basic Auth is False")
                 if enable_ssl:
                     LOG.info("SSL enabled")
-                    response = requests.get(scheme + "://" + ip + ":" + port, timeout=REQUEST_TIMEOUT, verify=ca_certs, cert=client_cert_credentials)
+                    if verify_certs is False:
+                        LOG.info("Verify Certs is False")
+                        response = requests.get(scheme + "://" + ip + ":" + port, timeout=REQUEST_TIMEOUT,
+                                                verify=verify_certs, cert=client_cert_credentials)
+                    else:
+                        LOG.info("Verify Certs is True")
+                        response = requests.get(scheme + "://" + ip + ":" + port, timeout=REQUEST_TIMEOUT,
+                                                verify=ca_certs, cert=client_cert_credentials)
                 else:
                     LOG.info("SSL disabled")
                     response = requests.get(scheme + "://" + ip + ":" + port, timeout=REQUEST_TIMEOUT)
 
             if response.status_code == 401:
-                message = "Unable to create connection! Server returned 401 - UNAUTHORIZED: " + scheme + "://" + ip + ":" + port
+                message = "Unable to create connection! Server returned 401 - UNAUTHORIZED: " + scheme + "://" + ip +\
+                          ":" + port
                 raise ConnectionNotAuthorized(message=message)
 
             content = json.loads(response.content.decode('utf-8'))
@@ -156,10 +175,12 @@ def get_connections(self, create_if_missing=True):
 
     def get_connection(self, cluster_name, create_if_missing=True):
         """
-        Interface for cluster connection pool object. If a connection does not exist, it will attempt to create it, using what is stored in the database. If it cannot find the connection 
+        Interface for cluster connection pool object. If a connection does not exist, it will attempt to create it,
+        using what is stored in the database. If it cannot find the connection
         or cannot create one from the database, it will throw a ConnectionNotFoundException
         :param cluster_name: 
-        :param create_if_missing: Will create the connection in the connection pool AND the persistence layer if it does not exist.
+        :param create_if_missing: Will create the connection in the connection pool AND the persistence layer if it
+        does not exist.
         :return:
         """
         try:

example/docker-compose-local-dev.yml

@@ -0,0 +1,57 @@
+################################################################################################################
+# Use this file to build from local source. Note you have to 'docker system prune -a' on code changes or 'docker-compose build'
+# Sample docker-compose file that will allow for connecting ES and HQ between separate containers
+# Note that the container_name (elasticsearch) is used as a default connection url in the HQ settings.
+################################################################################################################
+
+version: '3'
+services:
+  elastichq:
+    build:
+      context: ../
+      dockerfile: Dockerfile
+    container_name: elastichq
+    environment:
+      - HQ_DEFAULT_URL=http://elasticsearch:9200
+      - HQ_DEBUG=True
+    #      - HQ_ENABLE_SSL=True
+    #      - HQ_VERIFY_CERTS=False
+    #      - HQ_CA_CERTS=/usr/local/share/ca-certificates/MYCA.crt
+    ports:
+      - 5000:5000
+    networks:
+      - esnet
+
+  elasticsearch:
+    image: elasticsearch:2.4.6
+    container_name: elasticsearch
+    environment:
+      - cluster.name=elasticsearch
+      - node.name=node_1
+      - network.host=0.0.0.0
+      - network.publish_host=0.0.0.0
+      - bootstrap.memory_lock=true
+      - http.cors.enabled=true
+      - http.cors.allow-origin=*
+      - http.host=0.0.0.0
+      - transport.host=0.0.0.0
+      - bootstrap.system_call_filter=false
+      - "ES_JAVA_OPTS=-Xms1g -Xmx1g"
+    volumes:
+      - esdata1:/usr/share/elasticsearch/data
+    ports:
+      - 9200:9200
+      - 9300:9300
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+    networks:
+      - esnet
+
+volumes:
+  esdata1:
+    driver: local
+networks:
+  esnet:
+    driver: bridge