Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Plugin connection -> from unix sockets to port #53

Closed
michelvocks opened this issue Jul 22, 2018 · 1 comment
Closed

Plugin connection -> from unix sockets to port #53

michelvocks opened this issue Jul 22, 2018 · 1 comment
Assignees
@michelvocks
Labels
enhancement

Comments

@michelvocks
Copy link
Member

Currently, Gaia uses unix sockets as communication channel for Gaia <-> Pipeline (Plugin) communication.

It has the following disadvantages:

  • Gaia only runs on Unix (Mac/Linux) systems.
  • Adding new SDKs is hard due to new/poor implementation and support of unix sockets.

It has the following advantages:

  • It's secure. You can only hijack the communication when you have access to the filesystem.

We need to change to real port communication. It also means that we have to generate certificates for the communication between Gaia and the Plugin.
@michelvocks michelvocks self-assigned this Jul 22, 2018
@michelvocks
Copy link
Member Author

Following idea in my mind.
On every pipeline start, Gaia creates a new x509 certificate. It will set the path to the certificates as environment variables. This means every SDK needs to get the path from the environment variable and needs to configure mutual TLS.

What do you think @Skarlso ?

@michelvocks michelvocks mentioned this issue Jul 23, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@michelvocks michelvocks

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@michelvocks