Skip to content

Commit

Permalink
fix_tls_issue (#1376)
Browse files Browse the repository at this point in the history 
Signed-off-by: Ishant Thakare <ishantrog752@gmail.com>
  • Loading branch information
@ishant162
ishant162 authored Feb 14, 2025
1 parent 6bbf9b6 commit e1db792
Show file tree
Hide file tree
Showing 4 changed files with 30 additions and 15 deletions.
4 changes: 1 addition & 3 deletions ...kspace/experimental/workflow/AggregatorBasedWorkflow/workspace/plan/defaults/network.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,6 @@ template: openfl.federation.Network
settings:
agg_addr : auto
agg_port : auto
hash_salt : auto
tls : True
client_reconnect_interval : 5
disable_client_auth : False
cert_folder : cert
disable_client_auth : False
17 changes: 8 additions & 9 deletions openfl/experimental/workflow/federated/plan/plan.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,7 @@ def parse(
f"[blue]{plan_config_path}[/].",
extra={"markup": True},
)
Plan.dump(plan_config_path, plan.config)
Plan.logger.info(dump(plan.config))

return plan
Expand Down Expand Up @@ -338,7 +339,7 @@ def get_collaborator(
private_key=None,
certificate=None,
client=None,
tls=False,
tls=True,
envoy_config=None,
) -> "Collaborator":
"""Get collaborator.
Expand Down Expand Up @@ -406,7 +407,7 @@ def get_client(
root_certificate=None,
private_key=None,
certificate=None,
tls=False,
tls=True,
) -> AggregatorGRPCClient:
"""Get gRPC client for the specified collaborator.
Expand All @@ -425,8 +426,8 @@ def get_client(
Returns:
AggregatorGRPCClient: gRPC client for the specified collaborator.
"""
common_name = collaborator_name
if not root_certificate or not private_key or not certificate:
if tls and not (root_certificate and private_key and certificate):
common_name = collaborator_name
root_certificate = "cert/cert_chain.crt"
certificate = f"cert/client/col_{common_name}.crt"
private_key = f"cert/client/col_{common_name}.key"
Expand All @@ -438,7 +439,6 @@ def get_client(
client_args["root_certificate"] = root_certificate
client_args["certificate"] = certificate
client_args["private_key"] = private_key
client_args["tls"] = tls

client_args["aggregator_uuid"] = aggregator_uuid
client_args["federation_uuid"] = federation_uuid
Expand All @@ -453,7 +453,7 @@ def get_server(
root_certificate=None,
private_key=None,
certificate=None,
tls=False,
tls=True,
director_config=None,
**kwargs,
) -> AggregatorGRPCServer:
Expand All @@ -474,9 +474,8 @@ def get_server(
Returns:
AggregatorGRPCServer: gRPC server of the aggregator instance.
"""
common_name = self.config["network"][SETTINGS]["agg_addr"].lower()

if not root_certificate or not private_key or not certificate:
if tls and not (root_certificate and private_key and certificate):
common_name = self.config["network"][SETTINGS]["agg_addr"].lower()
root_certificate = "cert/cert_chain.crt"
certificate = f"cert/server/agg_{common_name}.crt"
private_key = f"cert/server/agg_{common_name}.key"
Expand Down
2 changes: 2 additions & 0 deletions openfl/experimental/workflow/runtime/federated_runtime.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,8 @@ def prepare_workspace_archive(self) -> Tuple[Path, str]:
archive_path, exp_name = WorkspaceExport.export_federated(
notebook_path=self.notebook_path,
output_workspace="./generated_workspace",
director_fqdn=self.director["director_node_fqdn"],
tls=self.tls,
)
return archive_path, exp_name

Expand Down
22 changes: 19 additions & 3 deletions openfl/experimental/workflow/workspace_export/export.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
import yaml
from nbdev.export import nb_export

from openfl.experimental.workflow.federated.plan import Plan
from openfl.experimental.workflow.interface.cli.cli_helper import print_tree

logger = getLogger(__name__)
Expand Down Expand Up @@ -276,20 +277,24 @@ def __write_yaml(self, path, data) -> None:
yaml.safe_dump(data, y)

@classmethod
def export_federated(cls, notebook_path: str, output_workspace: str) -> Tuple[str, str]:
def export_federated(
cls, notebook_path: str, output_workspace: str, director_fqdn: str, tls: bool = False
) -> Tuple[str, str]:
"""Exports workspace for FederatedRuntime.
Args:
notebook_path (str): Path to the Jupyter notebook.
output_workspace (str): Path for the generated workspace directory.
director_fqdn (str): Fully qualified domain name of the director node.
tls (bool, optional): Whether to use TLS for the connection.
Returns:
Tuple[str, str]: A tuple containing:
(archive_path, flow_class_name).
"""
instance = cls(notebook_path, output_workspace)
instance.generate_requirements()
instance.generate_plan_yaml()
instance.generate_plan_yaml(director_fqdn, tls)
return instance.generate_experiment_archive()

@classmethod
Expand Down Expand Up @@ -357,9 +362,13 @@ def generate_requirements(self) -> None:
if i not in line_nos:
f.write(line)

def generate_plan_yaml(self) -> None:
def generate_plan_yaml(self, director_fqdn: str = None, tls: bool = False) -> None:
"""
Generates plan.yaml
Args:
director_fqdn (str): Fully qualified domain name of the director node.
tls (bool, optional): Whether to use TLS for the connection.
"""
flspec = importlib.import_module("openfl.experimental.workflow.interface").FLSpec
# Get flow classname
Expand Down Expand Up @@ -398,6 +407,13 @@ def update_dictionary(args: dict, data: dict, dtype: str = "args"):
kw_args = self.arguments_passed_to_initialize["kwargs"]
update_dictionary(kw_args, data, dtype="kwargs")

# Updating the aggregator address with director's hostname and tls settings in plan.yaml
if director_fqdn:
network_settings = Plan.parse(plan).config["network"]
data["network"] = network_settings
data["network"]["settings"]["agg_addr"] = director_fqdn
data["network"]["settings"]["tls"] = tls

self.__write_yaml(plan, data)

def generate_data_yaml(self) -> None: # noqa: C901
Expand Down

0 comments on commit e1db792

Please sign in to comment.