Support uds and tcp in parallel #1009

Merged
merged 2 commits into from
Dec 13, 2024


engelmi
Member

@engelmi engelmi commented Dec 11, 2024

Relates to: #997

Added UDS support without sock activation

Due to the systemd socket unit for the bluechi-controller, multiple connection mechanisms such as TCP or UDS are supported. However, it is not possible to start BlueChi directly (or the systemd service) and use UDS since the FD for it gets passed from the socket unit. In order to support this, another connection handler has been added as well as the corresponding configuration option UseUDS, which is set to false by default. A collision of the systemd socket unit and the built-in UDS is being detected, logged and proceeded since the desired event source is available. Additionally, a meson option has been added to simplify using the same UDS path everywhere.

Add support to run TCP/IP and UDS (via socket activation) in parallel

In order to support running TCP/IP and UDS (via systemd's socket activation), an event source is being added to the loop for both methods. The systemd socket unit might be changed so that the used TCP/IP address collides with the configured ControllerPort. This is being detected and causes the controller to skip setting up the duplicated TCP/IP handler - socket activation has precedence. Additionally, to only accept connection requests via UDS, another configuration option UseTCP has been added. If set to true, setting up the handler for TCP/IP will be skipped. By default, TCP will be used. Additionally, integration tests were added to verify the socket activation as well as the new UseTCP configuration option.

Signed-off-by: Michael Engel <mengel@redhat.com>

Missing

- [ ] SELinux policy needs to be refined for UDS
- [ ] Documentation has been updated
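
The collision handling described in this PR, sketched as an added example that is not code from the PR or from BlueChi: inherited listening FDs are inspected with `getsockname()`, and a built-in TCP or UDS listener is skipped when an inherited FD already serves the same port or path. All names are hypothetical; `use_tcp` and `use_uds` here simply mean "create the built-in listener", and `make_listener()` is a constructed stand-in for FDs that a real service would receive from `sd_listen_fds()`.

```c
#include <netinet/in.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Added example, not BlueChi source; every name below is hypothetical. */
union any_addr {
    struct sockaddr sa; struct sockaddr_un un;
    struct sockaddr_in in4; struct sockaddr_in6 in6;
};
struct listen_plan { bool setup_tcp, setup_uds; };

/* Decide which built-in listeners to create. Inherited (socket-activated)
 * FDs take precedence: a built-in listener whose address one of them already
 * serves is skipped. A port-only systemd ListenStream= binds via AF_INET6. */
struct listen_plan plan_listeners(const int *fds, int n, uint16_t port,
                                  const char *uds_path, bool use_tcp, bool use_uds) {
    struct listen_plan p = { use_tcp, use_uds };
    for (int i = 0; i < n; i++) {
        union any_addr a;
        socklen_t len = sizeof(a);
        memset(&a, 0, sizeof(a));
        if (getsockname(fds[i], &a.sa, &len) < 0) continue; /* not a socket */
        if (a.sa.sa_family == AF_INET && ntohs(a.in4.sin_port) == port) p.setup_tcp = false;
        if (a.sa.sa_family == AF_INET6 && ntohs(a.in6.sin6_port) == port) p.setup_tcp = false;
        if (a.sa.sa_family == AF_UNIX &&
            strncmp(a.un.sun_path, uds_path, sizeof(a.un.sun_path)) == 0) p.setup_uds = false;
    }
    return p;
}

/* Constructed stand-in for an inherited FD: a listener on uds_path or, when
 * uds_path is NULL, on an ephemeral loopback TCP port stored in *port_out. */
int make_listener(const char *uds_path, uint16_t *port_out) {
    union any_addr a;
    socklen_t len = uds_path ? sizeof(a.un) : sizeof(a.in4);
    int fd = socket(uds_path ? AF_UNIX : AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    memset(&a, 0, sizeof(a));
    a.sa.sa_family = uds_path ? AF_UNIX : AF_INET;
    if (uds_path) strncpy(a.un.sun_path, uds_path, sizeof(a.un.sun_path) - 1);
    else a.in4.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, &a.sa, len) < 0 || listen(fd, 1) < 0 ||
        getsockname(fd, &a.sa, &len) < 0) { close(fd); return -1; }
    if (!uds_path) *port_out = ntohs(a.in4.sin_port);
    return fd;
}
```

The comparison is on port number and path string only, so a socket unit bound to a specific interface address is still treated as colliding with the configured port.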

@engelmi engelmi force-pushed the support-uds-and-tcp-in-parallel branch 6 times, most recently from e2be276 to 24d361a Compare December 11, 2024 17:12
@engelmi engelmi force-pushed the support-uds-and-tcp-in-parallel branch 2 times, most recently from 3738e5e to 6f8171f Compare December 12, 2024 14:13
@engelmi
Member Author

engelmi commented Dec 12, 2024

Looking at the size of this PR, I'd tackle the changes to SELinux and the documentation update (incl. updating our architecture diagrams, getting started guide, etc.) in dedicated PRs. Added these to the list of Acceptance Criteria in #997.

@engelmi engelmi marked this pull request as ready for review December 12, 2024 14:21
Relates to: eclipse-bluechi#997

In order to support running TCP/IP and UDS (via systemd's socket
activation), an event source is being added to the loop for both
methods. The systemd socket unit might be changed so that the used
TCP/IP address collides with the configured ControllerPort. This
is being detected and causes the controller to skip setting up the
duplicated TCP/IP handler - socket activation has precedence.
Additionally, to only accept connection requests via UDS, another
configuration option UseTCP has been added. If set to true, setting
up the handler for TCP/IP will be skipped. By default, TCP will be
used.
Additionally, integration tests were added to verify the socket
activation as well as the new UseTCP configuration option.

Signed-off-by: Michael Engel <mengel@redhat.com>
Relates to: eclipse-bluechi#997

Due to the systemd socket unit for the bluechi-controller, multiple
connection mechanisms such as TCP or UDS are supported. However, it
is not possible to start BlueChi directly (or the systemd service)
and use UDS since the FD for it gets passed from the socket unit.
In order to support this, another connection handler has been added
as well as the corresponding configuration option UseUDS, which is
set to false by default. A collision of the systemd socket unit and
the built-in UDS is being detected, logged and proceeded since the
desired event source is available. Additionally, a meson option has
been added to simplify using the same UDS path everywhere.

Signed-off-by: Michael Engel <mengel@redhat.com>
@engelmi engelmi force-pushed the support-uds-and-tcp-in-parallel branch from 6f8171f to 5c8cbc4 Compare December 12, 2024 14:29
@coveralls

Coverage Status

coverage: 81.013% (-0.005%) from 81.018%
when pulling 5c8cbc4 on engelmi:support-uds-and-tcp-in-parallel
into e1c7465 on eclipse-bluechi:main.

Contributor

@alexlarsson alexlarsson left a comment

lgtm

@alexlarsson
Contributor

I do think we might want to eventually reconsider defaulting tcp to off and be more aggressive towards doing network access via TLS proxies that then connect locally to the controller via UDS.

But that is for the future.

Member

@mwperina mwperina left a comment

LGTM

@engelmi engelmi merged commit c31e3e5 into eclipse-bluechi:main Dec 13, 2024
12 checks passed