search

moleculerjs / moleculer

:rocket: Progressive microservices framework for Node.js
https://moleculer.services/
MIT License
6.12k stars 580 forks source link

Service Broker can't start in Intel SGX Enclave with Gramine #1207

Open marchukv opened 1 year ago

marchukv commented 1 year ago

Prerequisites

Please answer the following questions for yourself before submitting an issue.

Current Behavior

Intel SGX technology offers a confidential computing service. The Gramine project utilizes this technology to run Linux applications.

During initialization, the Moleculer Service Broker creates a NodeCatalog that requires a list of IP addresses. To obtain this list, the broker uses the networkInterfaces() method from the node:os module. However, this method utilizes the netlink system call to retrieve the list of network interfaces, which is not supported by Gramine.

As a result, when the Service Broker is started, it throws an error message of "Unknown system error 97".

Correct me if I'm wrong but as far I understand from the code this list of ips is needed only for TCP transporter and isn't usable for anothers transport types. That's why there is the question - how to avoid geting list of ips during Service Broker starting in correct way?

Expected Behavior

Service Broker starts correctly with Gramine.

Failure Information

[2023-05-08T14:14:29.097Z] INFO  tee-trusted-loader-1683555269091/BROKER: Moleculer v0.14.24 is starting...
[2023-05-08T14:14:29.097Z] INFO  tee-trusted-loader-1683555269091/BROKER: Namespace: default
[2023-05-08T14:14:29.097Z] INFO  tee-trusted-loader-1683555269091/BROKER: Node ID: tee-trusted-loader-1683555269091
[2023-05-08T14:14:29.098Z] INFO  tee-trusted-loader-1683555269091/REGISTRY: Strategy: RoundRobinStrategy
[2023-05-08T14:14:29.099Z] INFO  tee-trusted-loader-1683555269091/REGISTRY: Discoverer: LocalDiscoverer
[2023-05-08T14:14:29.099Z] FATAL tee-trusted-loader-1683555269091/BROKER: Unable to create ServiceBroker. SystemError [ERR_SYSTEM_ERROR]: A system error occurred: uv_interface_addresses returned Unknown system error 97 (Unknown system error 97)
    at __node_internal_captureLargerStackTrace (node:internal/errors:478:5)
    at new SystemError (node:internal/errors:238:5)
    at new NodeError (node:internal/errors:349:7)
    at __node_internal_checkError (node:os:68:13)
    at Object.networkInterfaces (node:os:267:16)
    at getIpList (/home/node/node_modules/moleculer/src/utils.js:172:25)
    at NodeCatalog.createLocalNode (/home/node/node_modules/moleculer/src/registry/node-catalog.js:47:17)
    at new NodeCatalog (/home/node/node_modules/moleculer/src/registry/node-catalog.js:35:8)
    at new Registry (/home/node/node_modules/moleculer/src/registry/registry.js:48:16)
    at new ServiceBroker (/home/node/node_modules/moleculer/src/service-broker.js:240:20)
    at MoleculerRunner.startBroker (/home/node/node_modules/moleculer/src/runner.js:507:17)
    at /home/node/node_modules/moleculer/src/runner.js:529:21 {
  code: 'ERR_SYSTEM_ERROR',
  info: { errno: 97, code: 'Unknown system error 97', message: 'Unknown system error 97', syscall: 'uv_interface_addresses' },
  errno: [Getter/Setter: 97],
  syscall: [Getter/Setter: 'uv_interface_addresses']

Steps to Reproduce

To reproduce this you need server with Intel SGX-compatible processor and correctly set up Gramine. Then try to start Moleculer

Reproduce code snippet

const broker = new ServiceBroker({
    logger: console,
    transporter: {type:'AMQP', options: {url:'amqp://localhost:5672'}
});

broker.start();

Context

Everuthing is described in Current Behavior section.

Failure Logs

GoTo Failure Information section

icebob commented 1 year ago

The IP addresses are used by TCP transporter and it's visible in nodes command in REPL. I think the easier solution is if we wrap the getIpList method in utils into a try...catch block and if an error occurs we return with an empty array. Could you create a PR with this change?