nsqd: add Unix domain socket HTTP listener alongside TCP#1528
Open
hwde wants to merge 3 commits into
Open
Conversation
Add an additional listener for local unix domain sockets. This allows to listen on default http-address, which is used by nsqlookupd.
|
ready for review |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds an optional Unix domain socket HTTP listener to
nsqdthat runs inaddition to the regular TCP HTTP listener. Previously it was only possible to
serve HTTP either over TCP or over a unix socket (via
--http-address=<path>),not both at the same time.
New options
--unix-socket-path=<path>— if set,nsqdadditionally listens for HTTPclients on this unix socket. Independent from
--http-address.--unix-socket-permission=<octal>— file permission of the socket inode,parsed as an octal string (e.g.
0660). Empty means nochmod(umaskapplies).
Both options are opt-in; default behavior is unchanged.
Behavior notes
tls_required. Access control is delegated to filesystem permissions on thesocket path (that's what
--unix-socket-permissionis for).nsqdis found at theconfigured path, it is removed automatically before
Listen. A regular fileor directory at that path is never removed;
nsqdrefuses to startinstead.
net.Listenso the socket inode iscreated with the intended permissions from the start, closing the race window
between
Listenand the follow-upchmod.RealUDSAddr()accessor is exposed analogous toRealTCPAddr/RealHTTPAddr.Tests
New file
nsqd/uds_http_test.gocovers:/pubover both)./ping,/info,/stats) served over UDS.(not a panic).
Exit.rejected without being deleted.
tls_requiredis correctly bypassed on the UDS listener."","").RealUDSAddrreturns the configured path and a zero value when no UDS isconfigured.
All tests pass with and without
-race.Docs
contrib/nsqd.cfg.examplehas new commented-out entries for both options.Test plan
go build ./...go test ./nsqd -count=1go test ./nsqd -count=1 -racensqdwith--unix-socket-path=/tmp/nsqd.sock --unix-socket-permission=0660, publish viacurl --unix-socket /tmp/nsqd.sock http://localhost/pub?topic=test -d hello, confirm theregular TCP HTTP endpoint still works in parallel.