Support uds and tcp in parallel #1009
Looking at the size of this PR, I'd tackle the changes to SELinux and the documentation update (incl. updating our architecture diagrams, getting started guide, etc.) in dedicated PRs. Added these to the list of Acceptance Criteria in #997.
Relates to: eclipse-bluechi#997

In order to support running TCP/IP and UDS (via systemd's socket activation), an event source is being added to the loop for both methods. The systemd socket unit might be changed so that the used TCP/IP address collides with the configured ControllerPort. This is being detected and causes the controller to skip setting up the duplicated TCP/IP handler - socket activation has precedence. Additionally, to only accept connection requests via UDS, another configuration option UseTCP has been added. If set to true, setting up the handler for TCP/IP will be skipped. By default, TCP will be used. Additionally, integration tests were added to verify the socket activation as well as the new UseTCP configuration option.

Signed-off-by: Michael Engel <mengel@redhat.com>
Relates to: eclipse-bluechi#997

Due to the systemd socket unit for the bluechi-controller, multiple connection mechanisms such as TCP or UDS are supported. However, it is not possible to start BlueChi directly (or the systemd service) and use UDS since the FD for it gets passed from the socket unit. In order to support this, another connection handler has been added as well as the corresponding configuration option UseUDS, which is set to false by default. A collision of the systemd socket unit and the built-in UDS is being detected, logged and proceeded since the desired event source is available. Additionally, a meson option has been added to simplify using the same UDS path everywhere.

Signed-off-by: Michael Engel <mengel@redhat.com>
lgtm
I do think we might want to eventually reconsider defaulting tcp to off and be more aggressive towards doing network access via TLS proxies that then connect locally to the controller via UDS. But that is for the future.
LGTM
Relates to: #997
Added UDS support without sock activation
Due to the systemd socket unit for the bluechi-controller, multiple connection mechanisms such as TCP or UDS are supported. However, it is not possible to start BlueChi directly (or the systemd service) and use UDS since the FD for it gets passed from the socket unit. In order to support this, another connection handler has been added as well as the corresponding configuration option UseUDS, which is set to false by default. A collision of the systemd socket unit and the built-in UDS is being detected, logged and proceeded since the desired event source is available. Additionally, a meson option has been added to simplify using the same UDS path everywhere.
Add support to run TCP/IP and UDS (via socket activation) in parallel
In order to support running TCP/IP and UDS (via systemd's socket activation), an event source is being added to the loop for both methods. The systemd socket unit might be changed so that the used TCP/IP address collides with the configured ControllerPort. This is being detected and causes the controller to skip setting up the duplicated TCP/IP handler - socket activation has precedence. Additionally, to only accept connection requests via UDS, another configuration option UseTCP has been added. If set to true, setting up the handler for TCP/IP will be skipped. By default, TCP will be used. Additionally, integration tests were added to verify the socket activation as well as the new UseTCP configuration option.
Signed-off-by: Michael Engel <mengel@redhat.com>
Missing
- [ ] SELinux policy needs to be refined for UDS
- [ ] Documentation has been updated
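
Added example, not code from this PR or the BlueChi code base: a sketch of the collision check the description outlines, where sockets inherited from the systemd socket unit take precedence over the built-in TCP and UDS listeners. The struct and function names, the port 4242 and the socket path are assumptions, as is the reading that a built-in listener is planned only when its flag is enabled.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Hypothetical config: fields mirror UseTCP, UseUDS and ControllerPort; uds_path is assumed. */
typedef struct {
        bool use_tcp, use_uds;
        uint16_t port;
        const char *uds_path;
} listen_cfg_t;
typedef struct { bool tcp, uds; } listen_plan_t; /* built-in listeners still to create */

/* Drop a built-in listener from the plan when an inherited address already covers it. */
void apply_inherited_addr(const struct sockaddr *sa, const listen_cfg_t *cfg, listen_plan_t *plan) {
        if (sa->sa_family == AF_INET) {
                if (ntohs(((const struct sockaddr_in *) sa)->sin_port) == cfg->port) plan->tcp = false;
        } else if (sa->sa_family == AF_INET6) {
                if (ntohs(((const struct sockaddr_in6 *) sa)->sin6_port) == cfg->port) plan->tcp = false;
        } else if (sa->sa_family == AF_UNIX) {
                const struct sockaddr_un *un = (const struct sockaddr_un *) sa;
                /* Bounded compare: sun_path is not guaranteed to be NUL-terminated. */
                if (cfg->uds_path && strncmp(un->sun_path, cfg->uds_path, sizeof(un->sun_path)) == 0)
                        plan->uds = false;
        }
}

/* fds: listening sockets handed over by the socket unit (e.g. as counted by sd_listen_fds()). */
listen_plan_t plan_builtin_listeners(const listen_cfg_t *cfg, const int *fds, int n_fds) {
        listen_plan_t plan = { cfg->use_tcp, cfg->use_uds };
        for (int i = 0; i < n_fds; i++) {
                struct sockaddr_storage ss;
                socklen_t len = sizeof(ss);
                memset(&ss, 0, sizeof(ss));
                if (getsockname(fds[i], (struct sockaddr *) &ss, &len) == 0)
                        apply_inherited_addr((const struct sockaddr *) &ss, cfg, &plan);
        }
        return plan;
}

int main(void) { /* constructed input: an inherited TCP socket on the configured port */
        listen_cfg_t cfg = { true, true, 4242, "/run/example/controller.sock" };
        listen_plan_t plan = { cfg.use_tcp, cfg.use_uds };
        struct sockaddr_in in4 = { .sin_family = AF_INET, .sin_port = htons(4242) };
        apply_inherited_addr((const struct sockaddr *) &in4, &cfg, &plan);
        printf("built-in tcp=%d uds=%d\n", plan.tcp, plan.uds);
        return 0;
}
```

With the TCP flag off and the socket unit reduced to a single UDS entry, the resulting plan leaves the controller with no network listener, which is the setup the review comment about TLS proxies points toward.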