Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pluggable message router in the bridge #5683

Closed
wants to merge 11 commits into from

Conversation

Projects
None yet
2 participants
@stefwalter
Copy link
Contributor

commented Jan 5, 2017

This starts work on a pluggable message router in the bridge. Where other processes handle certain channel types.

Channels get routed to other processes. Some of those processes include:

  • cockpit-pcp
  • cockpit-ssh
  • cockpit-bridge --privileged
  • cockpit-xdr mythical, but stuff like XDR needs such a C implementation, because it uses FD passing quite often.

These routable processes are declared in packages' manifest.json

  • cockpit-ssh is declared in the dashboard manifest.json
  • cockpit-pcp is declared in a new package pcp manifest.json
  • cockpit-bridge --privileged stuff is declared in the shell manifest.json
    They are declared like this:
/* pkg/pcp/manifest.json */
"bridges" = [
   {
      "match": { "payload": "metrics1" }
      "spawn": [ "cockpit-pcp" ],
   }
]

/* pkg/shell/manifest.json */
"bridges" = [
    {
        "match": { "superuser": null },
        "spawn": [ "pkexec",  "--disable-internal-agent", "cockpit-bridge", "--privileged" ]
    },
    {
        "match": { "superuser": null },
        "environ": [ "SUDO_PROMPT=\n:::\npassword prompt\n:::\n" ],
        "spawn": [ "sudo", "-n", "cockpit-bridge", "--privileged" ],
    }
]

/* src/base1/manifest.json */
"bridges" = [
    {
         "match": { "superuser": "require" },
         "problem": "access-denied"
    }
]

/* pkg/dashboard/manifest.json */
channels = [
    {
        "match": { "host": "*" },
        "spawn": [ "cockpit-ssh" ]
    }
]
@stefwalter

This comment has been minimized.

Copy link
Contributor Author

commented Jan 5, 2017

@petervo FYI ... and interested in your feedback. After looking at the XDR stuff it became really clear that this needs to be pluggable later, rather than each extension requiring a modification to cockpit-bridge itself.

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from 85e012a to f560386 Feb 10, 2017

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch 3 times, most recently from 86ee857 to fd8de6f Feb 10, 2017

@stefwalter

This comment has been minimized.

Copy link
Contributor Author

commented Feb 17, 2017

Added tests, documentation .. and finished the first two commits.

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from fd8de6f to 1f760ed Feb 20, 2017

@stefwalter stefwalter changed the title WIP: Pluggable message router in the bridge Pluggable message router in the bridge Feb 20, 2017

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from 1f760ed to 4644445 Feb 20, 2017

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from 4644445 to 2ec23cf Feb 21, 2017

@stefwalter stefwalter added the blocked label Feb 21, 2017

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from 2ec23cf to 2f39a12 Feb 21, 2017

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 21, 2017

bridge: Use manifest config to handle channels in alternate bridges
This implements a CockpitPeer class, which is driven by the
manifest.json description that was implemented in the last commit.

We migrate the cockpit-pcp bridge to this new setup.

Closes cockpit-project#5683

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 21, 2017

bridge: Remove old CockpitPortal code
Now that we're using the bridge blocks in the manifest.json files
we can remove the old portal code.

Closes cockpit-project#5683

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from 2f39a12 to 24a3fd0 Feb 21, 2017

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 21, 2017

bridge: Use manifest config to handle channels in alternate bridges
This implements a CockpitPeer class, which is driven by the
manifest.json description that was implemented in the last commit.

We migrate the cockpit-pcp bridge to this new setup.

Closes cockpit-project#5683

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 21, 2017

bridge: Remove old CockpitPortal code
Now that we're using the bridge blocks in the manifest.json files
we can remove the old portal code.

Closes cockpit-project#5683

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from 24a3fd0 to bb43b5e Feb 21, 2017

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 21, 2017

bridge: Use manifest config to handle channels in alternate bridges
This implements a CockpitPeer class, which is driven by the
manifest.json description that was implemented in the last commit.

We migrate the cockpit-pcp bridge to this new setup.

Closes cockpit-project#5683

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 21, 2017

bridge: Remove old CockpitPortal code
Now that we're using the bridge blocks in the manifest.json files
we can remove the old portal code.

Closes cockpit-project#5683
{
"match": { "payload": "metrics1" },
"spawn": [ "/usr/libexec/cockpit-pcp" ],
"x-spawn": [ "@libexecdir@/cockpit-pcp" ]

This comment has been minimized.

Copy link
@petervo

petervo Feb 22, 2017

Contributor

I think this might be a typo.

This comment has been minimized.

Copy link
@stefwalter

stefwalter Feb 22, 2017

Author Contributor

Thanks. Fixed.

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from bb43b5e to a266ec0 Feb 22, 2017

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 22, 2017

bridge: Use manifest config to handle channels in alternate bridges
This implements a CockpitPeer class, which is driven by the
manifest.json description that was implemented in the last commit.

We migrate the cockpit-pcp bridge to this new setup.

Closes cockpit-project#5683

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 22, 2017

bridge: Remove old CockpitPortal code
Now that we're using the bridge blocks in the manifest.json files
we can remove the old portal code.

Closes cockpit-project#5683

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from 486cf42 to 6d33163 Feb 24, 2017

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 24, 2017

bridge: Use manifest config to handle channels in alternate bridges
This implements a CockpitPeer class, which is driven by the
manifest.json description that was implemented in the last commit.

We migrate the cockpit-pcp bridge to this new setup.

Closes cockpit-project#5683

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 24, 2017

bridge: Remove old CockpitPortal code
Now that we're using the bridge blocks in the manifest.json files
we can remove the old portal code.

Closes cockpit-project#5683

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from 6d33163 to e86d4a2 Feb 24, 2017

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 24, 2017

bridge: Use manifest config to handle channels in alternate bridges
This implements a CockpitPeer class, which is driven by the
manifest.json description that was implemented in the last commit.

We migrate the cockpit-pcp bridge to this new setup.

Closes cockpit-project#5683

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 24, 2017

bridge: Remove old CockpitPortal code
Now that we're using the bridge blocks in the manifest.json files
we can remove the old portal code.

Closes cockpit-project#5683

@stefwalter stefwalter force-pushed the stefwalter:router-plug branch from e86d4a2 to b108e6f Feb 24, 2017

stefwalter added a commit to stefwalter/cockpit that referenced this pull request Feb 24, 2017

bridge: Remove old CockpitPortal code
Now that we're using the bridge blocks in the manifest.json files
we can remove the old portal code.

Closes cockpit-project#5683
@stefwalter

This comment has been minimized.

Copy link
Contributor Author

commented Feb 24, 2017

Added a fix for check-authorize unexpected journal message.

@petervo petervo force-pushed the stefwalter:router-plug branch from b108e6f to bf39628 Feb 25, 2017

petervo added a commit to stefwalter/cockpit that referenced this pull request Feb 25, 2017

bridge: Use manifest config to handle channels in alternate bridges
This implements a CockpitPeer class, which is driven by the
manifest.json description that was implemented in the last commit.

We migrate the cockpit-pcp bridge to this new setup.

Closes cockpit-project#5683
Reviewed-by: Peter <petervo@redhat.com>

petervo added a commit to stefwalter/cockpit that referenced this pull request Feb 25, 2017

bridge: Remove old CockpitPortal code
Now that we're using the bridge blocks in the manifest.json files
we can remove the old portal code.

Closes cockpit-project#5683
Reviewed-by: Peter <petervo@redhat.com>
@petervo

This comment has been minimized.

Copy link
Contributor

commented Feb 25, 2017

@stefwalter I reviewed and was ready to merge this. But these changes exposed a bug in #5898 that I had just merged. I added a fix here, if you are ok with then this should be good to go in.

@petervo petervo force-pushed the stefwalter:router-plug branch from bf39628 to 1b44273 Feb 25, 2017

stefwalter and others added some commits Feb 9, 2017

bridge: Move and test the cockpit_pipe_get_environ()
This is a function that builds an environment by combining the
environment in the bridge, along with overrides and special
handling of the current directory.

We move this function to make it more generally useable, since
it will be used when spawning other bridges. Also add tests,
and fix a bug that the tests expose.

Reviewed-by: Peter <petervo@redhat.com>
bridge: Add a package manifest.json bridges section
This adds document and parsing for the new "bridges" section of
the manifest.json in packages. This is a description of how to
invoke alternate bridges for various channels.

This does not yet add the implementation.

Reviewed-by: Peter <petervo@redhat.com>
bridge: Split out MockEchoChannel into its own file
We want the MockEchoChannel stuff in its own file so it can be used
by multiple tests. Note that the test-channel.c tests still need their
own copy, since it modified behavior somewhat.

Reviewed-by: Peter <petervo@redhat.com>
bridge: Add a test for CockpitRouter local channels
This is a simple test that should help us while refactoring in
later commits.

Reviewed-by: Peter <petervo@redhat.com>
shell: Move the superuser privileged bridge away from portals
Next we move the superuser privileged bridge away from using
portals, and just use the pluggable router logic with "bridges"
in manifest.json instead.

Reviewed-by: Peter <petervo@redhat.com>
bridge: Use manifest config to handle channels in alternate bridges
This implements a CockpitPeer class, which is driven by the
manifest.json description that was implemented in the last commit.

We migrate the cockpit-pcp bridge to this new setup.

Closes #5683
Reviewed-by: Peter <petervo@redhat.com>
bridge: Remove old CockpitPortal code
Now that we're using the bridge blocks in the manifest.json files
we can remove the old portal code.

Closes #5683
Reviewed-by: Peter <petervo@redhat.com>
common: Add a default name to CockpitPipe
The name variable is used regularly, and we need it to be non-NULL
even in corner cases, or we get a crash.

Reviewed-by: Peter <petervo@redhat.com>
Fix .gitignore for manifest.json when built in tree
Reviewed-by: Peter <petervo@redhat.com>
bridge: Preserve the frozen order of fenced channels
These channels should be thawed in the order that they came in,
in order to preserve ordering expectations.

Reviewed-by: Peter <petervo@redhat.com>

@petervo petervo force-pushed the stefwalter:router-plug branch from 1b44273 to 3a51348 Feb 27, 2017

stefwalter added a commit that referenced this pull request Feb 28, 2017

bridge: Use manifest config to handle channels in alternate bridges
This implements a CockpitPeer class, which is driven by the
manifest.json description that was implemented in the last commit.

We migrate the cockpit-pcp bridge to this new setup.

Closes #5683
Reviewed-by: Peter <petervo@redhat.com>

stefwalter added a commit that referenced this pull request Feb 28, 2017

shell: Move the superuser privileged bridge away from portals
Next we move the superuser privileged bridge away from using
portals, and just use the pluggable router logic with "bridges"
in manifest.json instead.

Closes #5683
Reviewed-by: Peter <petervo@redhat.com>

stefwalter added a commit that referenced this pull request Feb 28, 2017

bridge: Remove old CockpitPortal code
Now that we're using the bridge blocks in the manifest.json files
we can remove the old portal code.

Closes #5683
Reviewed-by: Peter <petervo@redhat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.