Commit e605c975 authored by Jim Fulton's avatar Jim Fulton

add client-conflict-resolution to doc

And move this file to the top of the project, as there was a similar
version ther.
parent 1ce6fd78
=== ==========================
ZEO ZEO HOWTO
=== ==========================
ZEO provides a client-server storage implementation for ZODB.
.. contents:: .. contents::
Usage Introduction
===== ============
ZEO is a client-server system for sharing a single storage among many ZEO (Zope Enterprise Objects) is a client-server system for sharing a
clients. When you use ZEO, the storage is opened in the ZEO server single storage among many clients. When you use ZEO, a lower-level
storage, typically a file storage, is opened in the ZEO server
process. Client programs connect to this process using a ZEO process. Client programs connect to this process using a ZEO
ClientStorage. ZEO provides a consistent view of the database to all ClientStorage. ZEO provides a consistent view of the database to all
clients. The ZEO client and server communicate using a custom RPC clients. The ZEO client and server communicate using a custom
protocol layered on top of TCP. protocol layered on top of TCP.
Options There are several features that affect the behavior of
------- ZEO. This section describes how a few of these features
work. Subsequent sections describe how to configure every option.
There are several configuration options that affect the behavior of a
ZEO server. This section describes how a few of these features
working. Subsequent sections describe how to configure every option.
Client cache Client cache
~~~~~~~~~~~~ ------------
Each ZEO client keeps an on-disk cache of recently used objects to Each ZEO client keeps an on-disk cache of recently used data records
avoid fetching those objects from the server each time they are to avoid fetching those records from the server each time they are
requested. It is usually faster to read the objects from disk than it requested. It is usually faster to read the objects from disk than it
is to fetch them over the network. The cache can also provide is to fetch them over the network. The cache can also provide
read-only copies of objects during server outages. read-only copies of objects during server outages.
...@@ -41,44 +37,29 @@ The client cache size is configured when the ClientStorage is created. ...@@ -41,44 +37,29 @@ The client cache size is configured when the ClientStorage is created.
The default size is 20MB, but the right size depends entirely on the The default size is 20MB, but the right size depends entirely on the
particular database. Setting the cache size too small can hurt particular database. Setting the cache size too small can hurt
performance, but in most cases making it too big just wastes disk performance, but in most cases making it too big just wastes disk
space. The document "Client cache tracing" describes how to collect a space.
cache trace that can be used to determine a good cache size.
ZEO uses invalidations for cache consistency. Every time an object is ZEO uses invalidations for cache consistency. Every time an object is
modified, the server sends a message to each client informing it of modified, the server sends a message to each client informing it of
the change. The client will discard the object from its cache when it the change. The client will discard the object from its cache when it
receives an invalidation. These invalidations are often batched. receives an invalidation. (It's actually a little more complicated,
but we won't get into that here.)
Each time a client connects to a server, it must verify that its cache Each time a client connects to a server, it must verify that its cache
contents are still valid. (It did not receive any invalidation contents are still valid. (It did not receive any invalidation
messages while it was disconnected.) There are several mechanisms messages while it was disconnected.) This involves asking the server
used to perform cache verification. In the worst case, the client to replay invalidations it missed. If it's been disconnected too long,
sends the server a list of all objects in its cache along with their it discards its cache.
timestamps; the server sends back an invalidation message for each
stale object. The cost of verification is one drawback to making the
cache too large.
Note that every time a client crashes or disconnects, it must verify
its cache. Every time a server crashes, all of its clients must
verify their caches.
The cache verification process is optimized in two ways to eliminate
costs when restarting clients and servers. Each client keeps the
timestamp of the last invalidation message it has seen. When it
connects to the server, it checks to see if any invalidation messages
were sent after that timestamp. If not, then the cache is up-to-date
and no further verification occurs. The other optimization is the
invalidation queue, described below.
Invalidation queue Invalidation queue
~~~~~~~~~~~~~~~~~~ ------------------
The ZEO server keeps a queue of recent invalidation messages in The ZEO server keeps a queue of recent invalidation messages in
memory. When a client connects to the server, it sends the timestamp memory. When a client connects to the server, it sends the timestamp
of the most recent invalidation message it has received. If that of the most recent invalidation message it has received. If that
message is still in the invalidation queue, then the server sends the message is still in the invalidation queue, then the server sends the
client all the missing invalidations. This is often cheaper than client all the missing invalidations.
perform full cache verification.
The default size of the invalidation queue is 100. If the The default size of the invalidation queue is 100. If the
invalidation queue is larger, it will be more likely that a client invalidation queue is larger, it will be more likely that a client
...@@ -88,8 +69,16 @@ the message. Invalidation messages tend to be small, perhaps a few ...@@ -88,8 +69,16 @@ the message. Invalidation messages tend to be small, perhaps a few
hundred bytes each on average; it depends on the number of objects hundred bytes each on average; it depends on the number of objects
modified by a transaction. modified by a transaction.
You can also provide an invalidation age when configuring the
server. In this case, if the invalidation queue is too small, but a
client has been disconnected for a time interval that is less than the
invalidation age, then invalidations are replayed by iterating over
the lower-level storage on the server. If the age is too high, and
clients are disconneced for a long time, then this can put a lot of
load on the server.
Transaction timeouts Transaction timeouts
~~~~~~~~~~~~~~~~~~~~ --------------------
A ZEO server can be configured to timeout a transaction if it takes A ZEO server can be configured to timeout a transaction if it takes
too long to complete. Only a single transaction can commit at a time; too long to complete. Only a single transaction can commit at a time;
...@@ -119,78 +108,103 @@ If it did, it is possible that some storages committed the client ...@@ -119,78 +108,103 @@ If it did, it is possible that some storages committed the client
changes and others did not. changes and others did not.
Connection management Connection management
~~~~~~~~~~~~~~~~~~~~~ ---------------------
A ZEO client manages its connection to the ZEO server. If it loses A ZEO client manages its connection to the ZEO server. If it loses
the connection, it attempts to reconnect. While the connection, it attempts to reconnect. While
it is disconnected, it can satisfy some reads by using its cache. it is disconnected, it can satisfy some reads by using its cache.
The client can be configured to wait for a connection when it is created
or to return immediately and provide data from its persistent cache.
It usually simplifies programming to have the client wait for a
connection on startup.
When the client is disconnected, it polls periodically to see if the
server is available. The rate at which it polls is configurable.
The client can be configured with multiple server addresses. In this The client can be configured with multiple server addresses. In this
case, it assumes that each server has identical content and will use case, it assumes that each server has identical content and will use
any server that is available. It is possible to configure the client any server that is available. It is possible to configure the client
to accept a read-only connection to one of these servers if no to accept a read-only connection to one of these servers if no
read-write connection is available. If it has a read-only connection, read-write connection is available. If it has a read-only connection,
it will continue to poll for a read-write connection. This feature it will continue to poll for a read-write connection.
supports the Zope Replication Services product,
http://www.zope.com/Products/ZopeProducts/ZRS. In general, it could
be used to with a system that arranges to provide hot backups of
servers in the case of failure.
If a single address resolves to multiple IPv4 or IPv6 addresses, If a single address resolves to multiple IPv4 or IPv6 addresses,
the client will connect to an arbitrary of these addresses. the client will connect to an arbitrary of these addresses.
Authentication SSL
~~~~~~~~~~~~~~ ---
ZEO supports optional authentication of client and server using a ZEO supports the use of SSL connections between servers and clients,
password scheme similar to HTTP digest authentication (RFC 2069). It including certificate authentication. We're still understanding use
is a simple challenge-response protocol that does not send passwords cases for this, so details of operation may change.
in the clear, but does not offer strong security. The RFC discusses
many of the limitations of this kind of protocol. Note that this
feature provides authentication only. It does not provide encryption
or confidentiality.
The challenge-response also produces a session key that is used to Installing software
generate message authentication codes for each ZEO message. This ===================
should prevent session hijacking.
Guard the password database as if it contained plaintext passwords. ZEO is installed like any other Python package using pip, buildout, or
It stores the hash of a username and password. This does not expose pther Python packaging tools.
the plaintext password, but it is sensitive nonetheless. An attacker
with the hash can impersonate the real user. This is a limitation of
the simple digest scheme.
The authentication framework allows third-party developers to provide Running the server
new authentication modules. ==================
Installing software Typically, the ZEO server is run using the ``runzeo`` script that's
------------------- installed as part of a ZEO installation. The ``runzeo`` script
accepts command line options, the most important of which is the
``-C`` (``--configuration``) option. ZEO servers are best configured
via configuration files. The ``runzeo`` script also accepts some
command-line arguments for ad-hoc configurations, but there's an
easier way to run an ad-hoc server described below. For more on
configuraing a ZEO server see `Server configuration`_ below.
ZEO is installed like other Python packages using pip, easy_install, Server quick-start/ad-hoc operation
buildout, etc. -----------------------------------
Configuring server You can quickly start a ZEO server from a Python prompt::
------------------
import ZEO
address, stop = ZEO.server()
This runs a ZEO server on a dynamic address and using an in-memory
storage.
We can then create a ZEO client connection using the address
returned::
connection = ZEO.connection(addr)
This is a ZODB connection for a database opened on a client storage
instance created on the fly. This is a shorthand for::
db = ZEO.DB(addr)
connection = db.open()
Which is a short-hand for::
client_storage = ZEO.client(addr)
import ZODB
db = ZODB.db(client_storage)
connection = db.open()
If you exit the Python process, the storage exits as well, as it's run
in an in-process thread. It will leave behind it's configuration and
log file. This provides a handy way to get a configuration example.
You shut down the server more cleanly by calling the stop function
returned by the ``ZEO.server`` function. This will remove the
temporary configuration file.
To have data stored persistently, you can specify a file-storage path
name using a ``path`` parameter. If you want blob support, you can
specify a blob-file directory using the ``blob_dir`` directory.
You can also supply a port to listen on, full storage configuration
and ZEO server configuration options to the ``ZEO.server``
function. See it's documentation string for more information.
The script ``runzeo`` runs the ZEO server. The server can be Server configuration
--------------------
The script runzeo.py runs the ZEO server. The server can be
configured using command-line arguments or a config file. This configured using command-line arguments or a config file. This
document only describes the config file. Run runzeo.py document only describes the config file. Run runzeo.py
-h to see the list of command-line arguments. -h to see the list of command-line arguments.
The ``runzeo`` script imports the ZEO package. ZEO must either be
installed in Python's site-packages directory or be in a directory on
PYTHONPATH.
The configuration file specifies the underlying storage the server The configuration file specifies the underlying storage the server
uses, the address it binds, and a few other optional parameters. uses, the address it binds to, and a few other optional parameters.
An example is:: An example is::
<zeo> <zeo>
...@@ -202,27 +216,37 @@ An example is:: ...@@ -202,27 +216,37 @@ An example is::
</filestorage> </filestorage>
<eventlog> <eventlog>
level INFO
<logfile> <logfile>
path /var/tmp/zeo.log path /var/tmp/zeo.log
format %(asctime)s %(message)s format %(asctime)s %(message)s
</logfile> </logfile>
</eventlog> </eventlog>
This file configures a server to use a FileStorage from The format is similar to the Apache configuration format. Individual
``/var/tmp/Data.fs``. The server listens on port 8090 of settings have a name, 1 or more spaces and a value, as in::
zeo.example.com. The ZEO server writes its log file to
/var/tmp/zeo.log and uses a custom format for each line. Assuming the address zeo.example.com:8090
example configuration it stored in zeo.config, you can run a server by
Settings are grouped into hierarchical sections.
The example above configures a server to use a file storage from
``/var/tmp/Data.fs``. The server listens on port ``8090`` of
``zeo.example.com``. The ZEO server writes its log file to
``/var/tmp/zeo.log`` and uses a custom format for each line. Assuming the
example configuration it stored in ``zeo.config``, you can run a server by
typing:: typing::
python runzeo -C zeo.config runzeo -C zeo.config
A configuration file consists of a <zeo> section and a storage A configuration file consists of a <zeo> section and a storage
section, where the storage section can use any of the valid ZODB section, where the storage section can use any of the valid ZODB
storage types. It may also contain an eventlog configuration. See storage types. It may also contain an eventlog configuration. See
the document "Configuring a ZODB database" for more information about ZODB documentation for information on configuring storages. See
configuring storages and eventlogs. `Configuring event logs <logs.rst>`_ for information on configuring
server logs.
An **easy way to get started** with configuration is to run an add-hoc
server and copy the generated configuration.
The zeo section must list the address. All the other keys are The zeo section must list the address. All the other keys are
optional. optional.
...@@ -248,99 +272,77 @@ read-only ...@@ -248,99 +272,77 @@ read-only
invalidation-queue-size invalidation-queue-size
The storage server keeps a queue of the objects modified by the The storage server keeps a queue of the objects modified by the
last N transactions, where N == invalidation_queue_size. This last N transactions, where N == invalidation_queue_size. This
queue is used to speed client cache verification when a client queue is used to support client cache verification when a client
disconnects for a short period of time. disconnects for a short period of time.
transaction-timeout invalidation-age
The maximum amount of time to wait for a transaction to commit The maximum age of a client for which quick-verification
after acquiring the storage lock, specified in seconds. If the invalidations will be provided by iterating over the served
transaction takes too long, the client connection will be closed storage. This option should only be used if the served storage
and the transaction aborted. supports efficient iteration from a starting point near the
end of the transaction history (e.g. end of file).
authentication-protocol
The name of the protocol used for authentication. The
only protocol provided with ZEO is "digest," but extensions
may provide other protocols.
authentication-database
The path of the database containing authentication credentials.
authentication-realm
The authentication realm of the server. Some authentication
schemes use a realm to identify the logic set of usernames
that are accepted by this server.
Configuring clients
-------------------
The ZEO client can also be configured using ZConfig. The ZODB.config transaction-timeout
module provides several function for opening a storage based on its The maximum amount of time, in seconds, to wait for a
configuration. transaction to commit after acquiring the storage lock,
specified in seconds. If the transaction takes too long, the
- ZODB.config.storageFromString() client connection will be closed and the transaction aborted.
- ZODB.config.storageFromFile()
- ZODB.config.storageFromURL()
The ZEO client configuration requires the server address be
specified. Everything else is optional. An example configuration is::
<zeoclient> This defaults to 30 seconds.
server zeo.example.com:8090
</zeoclient>
The other configuration options are listed below. client-conflict-resolution
Flag indicating that clients should perform conflict
resolution. This option defaults to false.
cache-size Server SSL configuration
The maximum size of the client cache, in bytes. ~~~~~~~~~~~~~~~~~~~~~~~~
name A server can optionally support SSL. Do do so, include a `ssl`
The storage name. If unspecified, the address of the server subsection of the ZEO section, as in::
will be used as the name.
client <zeo>
Enables persistent cache files. The string passed here is address zeo.example.com:8090
used to construct the cache filenames. If it is not <ssl>
specified, the client creates a temporary cache that will certificate server_certificate.pem
only be used by the current object. key server_certificate_key.pem
</ssl>
</zeo>
var <filestorage>
The directory where persistent cache files are stored. By path /var/tmp/Data.fs
default cache files, if they are persistent, are stored in </filestorage>
the current directory.
min-disconnect-poll <eventlog>
The minimum delay in seconds between attempts to connect to <logfile>
the server, in seconds. Defaults to 5 seconds. path /var/tmp/zeo.log
format %(asctime)s %(message)s
</logfile>
</eventlog>
max-disconnect-poll The ``ssl`` section has settings:
The maximum delay in seconds between attempts to connect to
the server, in seconds. Defaults to 300 seconds.
wait certificate
A boolean indicating whether the constructor should wait The path to an SSL certificate file for the server. (required)
for the client to connect to the server and verify the cache
before returning. The default is true.
read-only key
A flag indicating whether this should be a read-only storage, The path to the SSL key file for the server certificate (if not
defaulting to false (i.e. writing is allowed by default). included in certificate file).
read-only-fallback password-function
A flag indicating whether a read-only remote storage should be The dotted name if an importable function that, when imported, returns
acceptable as a fallback when no writable storages are the password needed to unlock the key (if the key requires a password.)
available. Defaults to false. At most one of read_only and
read_only_fallback should be true.
realm authenticate
The authentication realm of the server. Some authentication The path to a file or directory containing client certificates
schemes use a realm to identify the logic set of usernames to authenticate. ((See the ``cafile`` and ``capath``
that are accepted by this server. parameters in the Python documentation for
``ssl.SSLContext.load_verify_locations``.)
A ZEO client can also be created by calling the ClientStorage If this setting is used. then certificate authentication is
constructor explicitly. For example:: used to authenticate clients. A client must be configured
with one of the certificates supplied using this setting.
from ZEO.ClientStorage import ClientStorage This option assumes that you're using self-signed certificates.
storage = ClientStorage(("zeo.example.com", 8090))
Running the ZEO server as a daemon Running the ZEO server as a daemon
---------------------------------- ----------------------------------
...@@ -351,134 +353,297 @@ provides two tools for running daemons: zdrun.py and zdctl.py. You can ...@@ -351,134 +353,297 @@ provides two tools for running daemons: zdrun.py and zdctl.py. You can
find zdaemon and it's documentation at find zdaemon and it's documentation at
http://pypi.python.org/pypi/zdaemon. http://pypi.python.org/pypi/zdaemon.
Note that ``runzeo`` makes no attempt to implemnt a well behaved
daemon. It expects that functionality to be provided by a wrapper like
zdaemon or supervisord.
Rotating log files Rotating log files
~~~~~~~~~~~~~~~~~~ ------------------
ZEO will re-initialize its logging subsystem when it receives a ``runzeo`` will re-initialize its logging subsystem when it receives a
SIGUSR2 signal. If you are using the standard event logger, you SIGUSR2 signal. If you are using the standard event logger, you
should first rename the log file and then send the signal to the should first rename the log file and then send the signal to the
server. The server will continue writing to the renamed log file server. The server will continue writing to the renamed log file
until it receives the signal. After it receives the signal, the until it receives the signal. After it receives the signal, the
server will create a new file with the old name and write to it. server will create a new file with the old name and write to it.
Tools ZEO Clients
----- ===========
To use a ZEO server, you need to connect to it using a ZEO client
storage. You create client storages either using a Python API or
using a ZODB storage configuration in a ZODB storage configuration
section.
Python API for creating a ZEO client storage
--------------------------------------------
To create a client storage from Python, use the ``ZEO.client``
function::
import ZEO
client = ZEO.client(8200)
In the example above, we created a client that connected to a storage
listening on port 8200 on local host. The first argument is an
address, or list of addresses to connect to. There are many additinal
options, decumented below that should be given as keyword arguments.
Addresses can be:
- A host/port tuple
- An integer, which implies that the host is '127.0.0.1'
- A unix domain socket file name.
Options:
cache_size
The cache size in bytes. This defaults to a 20MB.
cache
The ZEO cache to be used. This can be a file name, which will
cause a persisetnt standard persistent ZEO cache to be used and
stored in the given name. This can also be an object that
implements ``ZEO.interfaces.ICache``.
If not specified, then a non-persistent cache will be used.
blob_dir
The name of a directory to hold/cache blob data downloaded from the
server. This must be provided if blobs are to be used. (Of
course, the server storage must be configured to use blobs as
well.)
There are a few scripts that may help running a ZEO server. The shared_blob_dir
zeopack script connects to a server and packs the storage. It can A client can use a network files system (or a local directory if
be run as a cron job. The zeopasswd.py script the server runs on the same machine) to share a blob directory with
manages a ZEO servers password database. the server. This allows downloading of blobs (except via a
distributed file system) to be avoided.
Diagnosing problems blob_cache_size
------------------- The size of the blob cache in bytes. IF unset, then blobs will
accumulate. If set, then blobs are removed when the total size
exceeds this amount. Blobs accessed least recently are removed
first.
If an exception occurs on the server, the server will log a traceback blob_cache_size_check
and send an exception to the client. The traceback on the client will The total size of data to be downloaded to trigger blob cache size
show a ZEO protocol library as the source of the error. If you need reduction. The defaukt is 10 (percent). This controls how often to
to diagnose the problem, you will have to look in the server log for remove blobs from the cache.
the rest of the traceback.
Compatibility ssl
============= An ``ssl.SSLContext`` object used to make SSL connections.
ZEO 4.0.0 requires Python 2.6 or later. ssl_server_hostname
Host name to use for SSL host name checks.
Note -- If using SSL and if host name checking is enabled in the given SSL
When using ZEO and upgrading from Python 2.4, you need to upgrade context then use this as the value to check. If an address is a
clients and servers at the same time, or upgrade clients first and host/port pair, then this defaults to the host in the address.
then servers. Clients running Python 2.5 or 2.6 will work with
servers running Python 2.4. Clients running Python 2.4 won't work
properly with servers running Python 2.5 or later due to changes in
the way Python implements exceptions.
For a long time ZEO has been distributes with ZODB. ZEO 4 is read_only
is now maintained as a separate project. Set to true for a read-only connection.
ZEO clients from ZODB 3.2 on can talk to ZEO 4.0 servers. If false (the default), then request a read/write connection.
ZEO 4.0 clients talk to ZODB 3.8, 3.9, and 3.10 and ZEO 4.0 servers.
Note -- This option is ignored if ``read_only_fallback`` is set to a true value.
ZEO 4.0 servers don't support undo for clients older than ZODB 3.10.
Testing for downloaders read_only_fallback
======================= Set to true, then prefer a read/write connection, but be willing to
use a read-only connection. This defaults to a false value.
You can run the tests with:: If ``read_only_fallback`` is set, then ``read_only`` is ignored.
python setup.py test wait_timeout
How long to wait for an initial connection, defaulting to 30
seconds. If an initial connection can't be made within this time
limit, then creation of the client storage will fail with a
``ZEO.Exceptions.ClientDisconnected`` exception.
however, there's an issue with getting the dependencies installed After the initial connection, if the client is disconnected:
propely in a single run. If the first run fails installing
dependencies, try running the above command a second time.
Testing for Developers - In-flight server requests will fail with a
====================== ``ZEO.Exceptions.ClientDisconnected`` exception.
The ZEO checkouts are `buildouts <http://www.python.org/pypi/zc.buildout>`_. - New requests will block for up to ``wait_timeout`` waiting for a
When working from a ZODB checkout, first run the bootstrap.py script connection to be established before failing with a
to initialize the buildout: ``ZEO.Exceptions.ClientDisconnected`` exception.
% python bootstrap.py client_label
A short string to display in *server* logs for an event relating to
this client. This can be helpful when debugging.
disconnect_poll
The delay in seconds between attempts to connect to the
server, in seconds. Defaults to 1 second.
Configuration strings/files
---------------------------
ZODB databases and storages can be configured using configuration
files, or strings (extracted from configuration files). They use the
same syntax as the server configuration files described above, but
with different sections and options.
An application that used ZODB might configure it's database using a
string like::
<zodb>
cache-size-bytes 1000MB
<filestorage>
path /var/lib/Data.fs
</filestorage>
</zodb>
In this example, we configured a ZODB database with a object cache
size of 1GB. Inside the database, we configured a file storage. The
``filestorage`` section provided file-storage parameters. We saw a
similar section in the storage-server configuration example in `Server
configuration`_.
To configure a client storage, you use a ``clientstorage`` section,
but first you have to import it's definition, because ZEO isn't built
into ZODB. Here's an example::
<zodb>
cache-size-bytes 1000MB
%import ZEO
<clientstorage>
server 8200
</clientstorage>
</zodb>
In this example, we defined a client storage that connected to a
server on port 8200.
The following settings are supported:
cache-size
The cache size in bytes, KB or MB. This defaults to a 20MB.
Optional ``KB`` or ``MB`` suffixes can (and usually are) used to
specify units other than bytes.
cache-path
The file path of a persistent cache file
blob-dir
The name of a directory to hold/cache blob data downloaded from the
server. This must be provided if blobs are to be used. (Of
course, the server storage must be configured to use blobs as
well.)
shared-blob-dir
A client can use a network files system (or a local directory if
the server runs on the same machine) to share a blob directory with
the server. This allows downloading of blobs (except via a
distributed file system) to be avoided.
blob-cache-size
The size of the blob cache in bytes. IF unset, then blobs will
accumulate. If set, then blobs are removed when the total size
exceeds this amount. Blobs accessed least recently are removed
first.
blob-cache-size-check
The total size of data to be downloaded to trigger blob cache size
reduction. The defaukt is 10 (percent). This controls how often to
remove blobs from the cache.
read-only
Set to true for a read-only connection.
If false (the default), then request a read/write connection.
This option is ignored if ``read_only_fallback`` is set to a true value.
read-only-fallback
Set to true, then prefer a read/write connection, but be willing to
use a read-only connection. This defaults to a false value.
and then use the buildout script to build ZODB and gather the dependencies: If ``read_only_fallback`` is set, then ``read_only`` is ignored.
% bin/buildout wait_timeout
How long to wait for an initial connection, defaulting to 30
seconds. If an initial connection can't be made within this time
limit, then creation of the client storage will fail with a
``ZEO.Exceptions.ClientDisconnected`` exception.
This creates a test script: After the initial connection, if the client is disconnected:
% bin/test -v - In-flight server requests will fail with a
``ZEO.Exceptions.ClientDisconnected`` exception.
This command will run all the tests, printing a single dot for each - New requests will block for up to ``wait_timeout`` waiting for a
test. When it finishes, it will print a test summary. The exact connection to be established before failing with a
number of tests can vary depending on platform and available ``ZEO.Exceptions.ClientDisconnected`` exception.
third-party libraries.::
Ran 1182 tests in 241.269s client_label
A short string to display in *server* logs for an event relating to
this client. This can be helpful when debugging.
OK disconnect_poll
The delay in seconds between attempts to connect to the
server, in seconds. Defaults to 1 second.
The test script has many more options. Use the ``-h`` or ``--help`` Client SSL configuration
options to see a file list of options. The default test suite omits ~~~~~~~~~~~~~~~~~~~~~~~~
several tests that depend on third-party software or that take a long
time to run. To run all the available tests use the ``--all`` option.
Running all the tests takes much longer.::
Ran 1561 tests in 1461.557s An ``ssl`` subsection can be used to enable and configure SSL, as in::
OK %import ZEO
More information <clientstorage>
================ server zeo.example.com8200
<ssl>
</ssl>
</clientstorage>
For more information on ZEO, see http://zodb.org In the example above, SSL is enabled in it's simplest form:
There is a Mailman mailing list in place to discuss all issues related - The cient expects the server to have a signed certificate, which the
to ZODB, including ZEO. You can send questions to client validates.
zodb-dev@zope.org - The server server host name ``zeo.example.com`` is checked against
the server's certificate.
or subscribe at A number of settings can be provided to configure SSL:
http://lists.zope.org/mailman/listinfo/zodb-dev certificate
The path to an SSL certificate file for the client. This is
needed to allow the server to authenticate the client.
and view its archives at key
The path to the SSL key file for the client certificate (if not
included in the certificate file).
http://lists.zope.org/pipermail/zodb-dev password-function
A dotted name if an importable function that, when imported, returns
the password needed to unlock the key (if the key requires a password.)
Note that Zope mailing lists have a subscriber-only posting policy. authenticate
The path to a file or directory containing server certificates
to authenticate. ((See the ``cafile`` and ``capath``
parameters in the Python documentation for
``ssl.SSLContext.load_verify_locations``.)
Bugs and Patches If this setting is used. then certificate authentication is
================ used to authenticate the server. The server must be configuted
with one of the certificates supplied using this setting.
Bug reports and patches should be added to the Launchpad: check-hostname
This is a boolean setting that defaults to true. Verify the
host name in the server certificate is as expected.
https://launchpad.net/zodb server-hostname
The expected server host name. This defaults to the host name
used in the server address. This option must be used when
``check-hostname`` is true and when a server address has no host
name (localhost, or unix domain socket) or when there is more
than one seerver and server hostnames differ.
Using this setting implies a true value for the ``check-hostname`` setting.
..
Local Variables:
mode: indented-text
indent-tabs-mode: nil
sentence-end-double-space: t
fill-column: 70
End:
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment