@mpenick mpenick commented Apr 6, 2020

Also, pass client certificates configuration through the cluster
interface to the peer options.

@thibaultcha
Owner

Hi,

Thanks for the efforts, however, have you tested your changes in production? I doubt they will work, since unfortunately OpenResty's cosockets do not support TLS client certificates yet, hence the limitation in this driver. Client certificates are supported by the LuaSocket fallback implemented by this driver for the init_by_lua phase (in which OpenResty's cosockets aren't supported), but those sockets should never be used after this phase or else they will block the NGINX workers' event loop.

Support for mTLS cosockets has recently been proposed by openresty/lua-resty-core#278 + openresty/lua-nginx-module#1602. Given that we are currently working on OpenResty 1.15.8.4 and 1.17.8.1 releases, these PRs aren't going to land in a mainstream release until later this year.

Also, in order for me to merge this I'd ask of you for tests and documentation around the new options, should we get there some day.

Best,

@mpenick
Author

mpenick commented May 28, 2020

Thanks so much for the feedback! Yes, we had to force lua sockets instead of ngx.socket for the reasons above. I'll re-open a PR when client certificates are better supported.

@mpenick mpenick closed this May 28, 2020