README
¶
grpcfd is a simple set of tools to allow sending unix file descriptors over grpc when the grpc connection utilizes unix file sockets.
Introduction
On a POSIX system (ie Linux), whenever a process opens a file, it had an integer 'file descriptor' (usually abbreviated fd) that acts as a handle for that open file.
On a POSIX system, an open fd can be sent over an open socket connection to another process if and only if that socket connection is over a unix file socket. This allows the other process to access that open file itself, even if it normally couldn't open it because the file was in a different mount namespace.
Since in POSIX almost everything is a file, this means shared memory, normal files, even sockets themselves can be passed along with a GRPC RPC call.
GRPC is a popular high-performance, open source universal RPC framework with excellent Go support
When using the GRPC Go implementation, you do not normally have access to the net.Conn, and thus would not be able to send file descriptors over a connection in use for GRPC.
Client Setup
Simply wrap whatever normal transport credentials you use (nil is an acceptable value) using
go grpcfd.TransportCredentials as a go grpc.WithTransportCredentials go grpc.DialOption when dialing:
var creds credentials.TransportCredentials
cc, err := grpc.DialContext(ctx ,grpc.WithTransportCredentials(grpcfd.TransportCredentials(creds)))
Note: If your client already using PerRPCCredentials by default consider to use:
var creds credentials.TransportCredentials
cc, err := grpc.DialContext(ctx, grpc.WithTransportCredentials(grpcfd.TransportCredentials(creds)), grpcfd.WithChainStreamInterceptor(), grpcfd.WithChainUnaryInterceptor())
This allows to grpcfd do not overwrite your grpc.PerRPCCredentials.
Server Setup
Simply wrap whatever normal credentials you use (nil is an acceptable value) using
go grpcfd.TransportCredentials as a go grpc.Creds go grpc.ServerOption when creating a go *grpc.Server
var creds credentials.TransportCredentials
server := grpc.NewServer(grpc.Creds(grpcfd.TransportCredentials(creds))
Client To Server Example
Client sending a file descriptor (fd) to Server
// Wrap existing grpc.PerRPCCredentials using grpcfd.PerRPCredentials(...)
perRPCCredentials := grpcfd.PerRPCCredentials(perRPCCredentialsCanBeNilHere)
// Extract a grpcfd.FDSender from the rpcCredentials
sender, _ := grpcfd.FromPerRPCCredentials(perRPCCredentials)
// Send a file
errCh := sender.SendFilename(filename)
select {
case err := <-errCh:
// If and error is immediately return... the file probably doesn't exist, handle that immediately
default:
// Don't wait for any subsequent errors... they won't arrive till after we've sent the GRPC message
// errCh will be closed after File is sent
}
client.MyRPC(ctx,arg,grpc.PerRPCCredentials(perRPCCredentials))
Server receiving a file descriptor (fd) from a Client
func (*myRPCImpl) MyRPC(ctx,arg) {
// Extract a grpcfd.FDRecver from the ctx. ok == false if one is not available
recv, ok := grpcfd.FromContext(ctx)
// Attempt to receive a filed by using a URL of the form inode://{{dev}}/{{ino}} where dev and ino are the values
// from
fileCh, err := recv.RecvFileByURL(inodeURLStr)
}
Server To Client Example
Server sending a file descriptor (fd) to Client
func (*myRPCImpl) MyRPC(ctx,arg) {
// Extract a grpcfd.FDRecver from the ctx. ok == false if one is not available
sender, ok := grpcfd.FromContext(ctx)
// Send a file
errCh := sender.SendFilename(filename)
select {
case err := <-errCh:
// If and error is immediately return... the file probably doesn't exist, handle that immediately
default:
// Don't wait for any subsequent errors... they won't arrive till after we've sent the GRPC message
// errCh will be closed after File is sent
}
...
return
}
Client receiving file descriptor (fd) from Server
// Wrap existing grpc.PerRPCCredentials using grpcfd.PerRPCredentials(...)
perRPCCredentials := grpcfd.PerRPCCredentials(perRPCCredentialsCanBeNilHere)
// Extract a grpcfd.FDRecver from the ctx. ok == false if one is not available
recv, ok := grpcfd.FromContext(ctx)
client.MyRPC(ctx,arg,grpc.PerRPCCredentials(perRPCCredentials))
// Attempt to receive a filed by using a URL of the form inode://{{dev}}/{{ino}} where dev and ino are the values
// from
fileCh, err := recv.RecvFileByURL(inodeURLStr)
Documentation
¶
Overview ¶
Package grpcfd provides a TransportCredential that can wrap other TransportCredentials and cause the peer.Addr to be a FDSender or FDRecver such that it can send or receive files over unix file sockets (if available).
Index ¶
- func CaptureSender(capturer func(FDSender), dialopts ...grpc.DialOption) (opts []grpc.DialOption, ok bool)
- func FDToURL(fd uintptr) (*url.URL, error)
- func FileToURL(file SyscallConn) (u *url.URL, err error)
- func FilenameToURL(filename string) (u *url.URL, err error)
- func PerRPCCredentials(cred credentials.PerRPCCredentials) credentials.PerRPCCredentials
- func PerRPCCredentialsFromCallOptions(opts ...grpc.CallOption) credentials.PerRPCCredentials
- func TransportCredentials(cred credentials.TransportCredentials, capturers ...func(FDSender)) credentials.TransportCredentials
- func URLStringToDevIno(urlstr string) (dev, ino uint64, err error)
- func URLToDevIno(u *url.URL) (dev, ino uint64, err error)
- func WithChainStreamInterceptor() grpc.DialOption
- func WithChainUnaryInterceptor() grpc.DialOption
- func WithTransportCredentials(creds credentials.TransportCredentials, capturers ...func(FDSender)) grpc.DialOption
- type FDRecver
- type FDSender
- type FDTransceiver
- type SyscallConn
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CaptureSender ¶
func CaptureSender(capturer func(FDSender), dialopts ...grpc.DialOption) (opts []grpc.DialOption, ok bool)
CaptureSender - given a list of dialopts ... if one of them is a grpcfd.TransportCredentials option... add another capturer to capture FDSenders on dial
func FileToURL ¶
func FileToURL(file SyscallConn) (u *url.URL, err error)
FileToURL converts file to URL of inode://${dev}/${ino}
func FilenameToURL ¶
FilenameToURL converts filename to URL of inode://${dev}/${ino}
func PerRPCCredentials ¶
func PerRPCCredentials(cred credentials.PerRPCCredentials) credentials.PerRPCCredentials
PerRPCCredentials - per rpc credentials that will, in addition to applying cred, invoke sendFunc Note: Must be used in concert with grpcfd.TransportCredentials
func PerRPCCredentialsFromCallOptions ¶
func PerRPCCredentialsFromCallOptions(opts ...grpc.CallOption) credentials.PerRPCCredentials
PerRPCCredentialsFromCallOptions - extract credentials.PerRPCCredentials from a list of grpc.CallOptions
func TransportCredentials ¶
func TransportCredentials(cred credentials.TransportCredentials, capturers ...func(FDSender)) credentials.TransportCredentials
TransportCredentials - transport credentials that will, in addition to applying cred, cause peer.Addr to supply the FDSender and FDRecver interfaces
func URLStringToDevIno ¶
URLStringToDevIno converts url of form inode://${dev}/${ino} to dev,ino
func URLToDevIno ¶
URLToDevIno - converts url of form inode://${dev}/${ino} url to dev,ino
func WithChainStreamInterceptor ¶
func WithChainStreamInterceptor() grpc.DialOption
WithChainStreamInterceptor returns a DialOption that specifies the chained interceptor for streaming RPCs.This interceptor combines all grpc.PerRPCCredsCallOption options into one. That allows using a few credentials.PerRPCCredentials passed from default call options and from the client call.
func WithChainUnaryInterceptor ¶
func WithChainUnaryInterceptor() grpc.DialOption
WithChainUnaryInterceptor returns a DialOption that specifies the chained interceptor for unary RPCs. This interceptor combines all grpc.PerRPCCredsCallOption options into one. That allows using a few credentials.PerRPCCredentials passed from default call options and from the client call.
func WithTransportCredentials ¶
func WithTransportCredentials(creds credentials.TransportCredentials, capturers ...func(FDSender)) grpc.DialOption
WithTransportCredentials - drop in replacement for grpc.WithTransportCredentials, that will, in addition to applying cred, cause peer.Addr to supply the FDSender and FDRecver interfaces.
Types ¶
type FDRecver ¶
type FDRecver interface {
RecvFD(dev, inode uint64) <-chan uintptr
RecvFile(dev, ino uint64) <-chan *os.File
RecvFileByURL(urlStr string) (<-chan *os.File, error)
RecvFDByURL(urlStr string) (<-chan uintptr, error)
}
FDRecver - capable of Recving an fd by (dev,ino)
type FDSender ¶
type FDSender interface {
SendFD(fd uintptr) <-chan error
SendFile(file SyscallConn) <-chan error
SendFilename(filename string) <-chan error
}
FDSender - capable of Sending a file
type FDTransceiver ¶
FDTransceiver - combination of FDSender and FDRecver
func FromContext ¶
func FromContext(ctx context.Context) (transceiver FDTransceiver, ok bool)
FromContext - return grpcfd.FDTransceiver from context.Context
ok is true of successful, false otherwise
func FromPeer ¶
func FromPeer(p *peer.Peer) (transceiver FDTransceiver, ok bool)
FromPeer - return grpcfd.FDTransceiver from peer.Peer
ok is true of successful, false otherwise
func FromPerRPCCredentials ¶
func FromPerRPCCredentials(rpcCredentials credentials.PerRPCCredentials) (transceiver FDTransceiver, ok bool)
FromPerRPCCredentials - return grpcfd.FDTransceiver from credentials.PerRPCCredentials
ok is true of successful, false otherwise
type SyscallConn ¶
SyscallConn - having the SyscallConn method to access syscall.RawConn
Source Files