Affects Version/s: 1.10.9
Fix Version/s: None
Please see the following issue for Flower:
Flower and Airflow do not handle TLS-enable connections to Redis the same way. Thus, when providing the same broker URL to Flower that the one provided to Airflow, Flower cannot start/work.
There are several issues at hand here:
- Airflow by itself does handle its configuration correctly using `ssl_active`, but does not handle `rediss://`
- Flower by itself handles `rediss://` but does not handle an additionnal `ssl_active` option
- in the Helm chart for Airflow, there is no easy way to provide a configuration to Flower (Flower gets its configuration via the same configuration as Airflow, and thus cannot be correctly configured because Airflow would throw an exception)
See airflow/config_templates/default_celery.py where an exception is raised if `rediss://` is used.
A nice and quick fix would be to handle `rediss://` and drive the TLS-enabled mode is that protocol is used while `ssl_active` is also set to true. If `rediss://` is used but `ssl_active` is set to false, an exception could be raised to warn the user that the configuration is inconsistent.