Class Security
Security configuration for a Dask cluster.
Declaration
class Security
source linkDocumentation
Default values are loaded from Dask's configuration files, and can be
overridden in the constructor.
Attributes
- require_encryption : bool
Whether TLS encryption is required for all connections.
- tls_ca_file : str
Path to a CA certificate file encoded in PEM format.
- tls_ciphers : str
An OpenSSL cipher string of allowed ciphers. If not provided, the
system defaults will be used.
- tls_client_cert : str
Path to a certificate file for the client, encoded in PEM format.
- tls_client_key : str
Path to a key file for the client, encoded in PEM format.
Alternatively, the key may be appended to the cert file, and this
parameter be omitted.
- tls_scheduler_cert : str
Path to a certificate file for the scheduler, encoded in PEM format.
- tls_scheduler_key : str
Path to a key file for the scheduler, encoded in PEM format.
Alternatively, the key may be appended to the cert file, and this
parameter be omitted.
- tls_worker_cert : str
Path to a certificate file for a worker, encoded in PEM format.
- tls_worker_key : str
Path to a key file for a worker, encoded in PEM format.
Alternatively, the key may be appended to the cert file, and this
parameter be omitted.
Methods
▷ def __init__(self, require_encryption=None, **kwargs) ▷ def get_connection_args(self, role) Get the *connection_args* argument for a connect() call with the given *role*.
▷ def get_listen_args(self, role) Get the *connection_args* argument for a listen() call with the given *role*.
Class methods
▶ def temporary(cls) @classmethod Create a new temporary Security object.
@classmethod
def temporary(cls)
This creates a new self-signed key/cert pair suitable for securing
communication for all roles in a Dask cluster. These keys/certs exist
only in memory, and are stored in this object.
This method requires the library ``cryptography`` be installed.
Reexports