Open samgiles opened 8 years ago
It's likely overkill to have a process per service or per adapter in all cases. For instance, why would you do that for a service that only needs to do http calls? There's no inherent security issue.
But some will be OOP, as will the tunnel_controller. ipc-channel needs to be updated to support something like: the foxbox daemon opens a fd, launches the tunnel_controller with the fd as an argument, and establishes the ipc over this fd. That's similar to how we manage external daemons for hw access on b2g.
Agreed, it probably is overkill for most things - would be nice to support zero-downtime upgrades of services though; if that's something we want to support.
We should have a generic API though regardless of OOP or not, but it should support the OOP case.
ipc-channel supports fd passing already:
file descriptor passing over Unix sockets on Linux
The tunnel_controller
will be slightly different as we'll be launching a completely different binary written in Go and the requirement for IPC here is practically none - at this early stage, in the most basic of senses, we just need to make sure this external process is in one of two states: running
/!running
:)
Just to be sure, a service
is basically a driver, right?
If so, it would probably make sense to at least put them all in a process we can easily restart.
Adapters are responsible for discovery, and services and instances of things that are discovered. I can foresee different setup where the adapter could run oop, or the services themselves. I don't think it's important yet to focus on that, except for processes like the tunnel controller.
I don't think it's important yet to focus on that, except for processes like the tunnel controller.
Fair enough.
A
service
should probably run in a separate process - easy upgrades, safety from crashes etc. See brief discussion on #22.We should use https://github.com/servo/ipc-channel, it probably needs extending though:
These processes probably need some sort of supervisor to keep them alive. As will the
tunnel_controller
, which will control the lifecycle of the tunnel process.service
service
andcontroller
- probably CSP based on ipc-channel