Executable is a bundle of rpc endpoints entered via the command line
To run a function on another machine - ssh to the machine (assuming key based auth), transfer the executable, and call the endpoint by using appropriate CLI options.
Arguments are transferred as a file before making the call
Results are returned as a file after the call is done, the file is transferred back to the caller.
Potential issues:
transferring the arguments and getting results as file may be inefficient, need to create unique temp files for each call which can have its own failure scenarios to be handled.
To be able to make calls from any machine X to machine Y we need the private key to be forwarded by the agent, this can form a long chain of forwardings from machine to machine.
Searching for endpoint to call may be inefficient
Potential improvements:
To remove the ssh key forwarding from the picture, instead of using a forwarding agent, transfer the key as well to the remote host during the call. Or bake in the key in the executable itself? In that case, the executable should be made secure, should not be allowed to be executed by anyone else other than the trusted users. These machines can be assumed to be trusted and secure, so it might be ok.
assign a particular port for rpc, make the ssh call - forwarding the rpc port from remote to local host, run the executable on remote host if it is not already running, it starts listening on the rpc port, use TCP.pipeBytes to make a function call and get the results.
pipeBytes :: (MonadAsync m, MonadCatch m) => (Word8, Word8, Word8, Word8) -> PortNumber -> Stream m Word8 -> Stream m Word8
We can use a ssh connection pool, the connection may remain persistent and can be reused for multiple calls so that we do not have to establish it over and over again for multiple calls. This can make it very efficient.
Assign a unique number to each endpoint/function. Serialize the function-id, args to the pipeBytes call, the server would just deserialize it and make the call to the appropriate function, serialize the results and send it back to us.
Overview:
Potential issues:
Potential improvements:
TCP.pipeBytesto make a function call and get the results.