http/sftp: support listening on passed FDs#7801
Conversation
flokli
force-pushed
the
socket-activation
branch
2 times, most recently
from
1b6a661 to
caa8067
Compare
|
poke @ncw :-) |
|
Thanks for kicking CI! That seems to be coreos/go-systemd#440. Adding a replace directive to my |
|
Can you stub it out on plan 9? |
|
That's what I did upstream, in coreos/go-systemd#440. If this doesn't get merged there, I could add a little wrapper package in rclone, and do the plan9 stubbing there, but it'd be more code on the rclone side. Is this the only thing blocking this, or do you have other feedback on the code? |
|
Well you could do the same thing in the rclone code with build tags - that is what I was suggesting. Though if your pr is merged that is the neatest way for rclone! I have looked at the code which looks ok (I'll do a formal review at some point). I would like some explanation of how it works in the docs and example config of how you would use it with systemd would be very useful. Ones thing that wasn't clear to me - does systemd start a new rclone instance for every incoming connection? Or does it keep things running for a while. I guess this might be in the systemd docs! |
|
Yeah, I'm also hoping PR gets merged into go-systemd, as essentially everyone linking against the activation package and building or this arch would do stubbing on their own, and there already is a windows stub... Regarding systemd configuration, there's a lot of different config knobs, which is why I only linked to the systemd docs. You can bind on Unix sockets, TCP ports, ... rclone keeps running, and normally gets started lazily on the first connection. If rclone had a parameter to exit the process after a specific time of inactivity, it would also get fully shut down, but that's a bit out of scope for this PR. |
|
Hmm, looks like we might have to go for build tags - not a lot of action on that PR... |
|
Alright, let me take a look at that |
|
I rebased this, and moved the wrapping into our own wrapper package, linking to the upstream issue. also added socket activation to the |
flokli
changed the title
|
@ncw sorry for the noise, but can you kick off CI once again? |
|
Poke - this should be ready now. |
|
I just stubled over #7392, which tried doing the same thing. Some feedback on what'd be needed to get either of the two accepted would be appreciated. |
|
Sorry for the delay on this @flokli Can you rebase it on master please and fixup any problems (might not be any but there have been lots of commits to master since this started). |
flokli
force-pushed
the
socket-activation
branch
from
cc9ddd6 to
986b828
Compare
|
@ncw I rebased this, and successfully tested socket-activating a webdav and sftp server. … both from the root of the rclone checkout, after a |
ncw
left a comment
ncw
left a comment
There was a problem hiding this comment.
I think this code is looking nice - thank you.
I successfully tested socket-activating a webdav and sftp server.
systemd-socket-activate -l 8088 -l 8089 --fdname=foo:bar -- ./rclone serve webdav :local:vfs/ systemd-socket-activate -l 2022 --fdname=foo:bar -- ./rclone serve sftp :local:vfs… both from the root of the rclone checkout, after a
go build ./rclone.go.
Can you put these commands in the docs please? It is great to have some commands people can cut and paste to try the feature.
It would be nice also to have a test - do you think that is possible?
PS I think all the test failures are flakes so I've re-run them.
The windows lint is actually correct - will push a fix.
It really isn't how I'd expect people to run this in production usecases - where they'll probably configure systemd .service and .socket files. I can try to find a wording that makes sure this only makes sense for testing purposes. Auxillary question - do you think we should roll this a bit differently, essentially switch to be socket-activated if we detect to be in such an environment (and have a CLI flag to disable it), but keep the existing listener syntax mostly? |
flokli
force-pushed
the
socket-activation
branch
from
986b828 to
5651e45
Compare
👍
Great.
How does this change the listener syntax? Do you mean where it ignores the command line args if it detects socket activation? Not sure I understand the question (probably not enough coffee yet :-) |
right, which is why an example |
The docs already link to https://www.freedesktop.org/software/systemd/man/latest/systemd.socket.html, which links to a bunch of guides:
There's plenty of explanation there, and I'm fairly certain people looking for this feature are already aware of how it works, or willing to do some research on it if they want it. Duplicating a small subset of examples into an individual rclone documentation item feels like a bit too much IMHO. This is the rclone documentation, we can mention we do support it, be helpful and link to some more upstream documentation, but we shouldn't try to document every other auxillary tool rclone can interface. We also don't describe how to use an sftp or http client - I see this in a similar league. |
|
yeah i mean you and i find this topic immediately recognizable so it seems basic - i just wasn't sure this would be obvious to everyone
actually that's a great point... while this won't be obvious to everyone of course it will likely be obvious to everyone looking for it on that note... thank you for your contribution here @flokli! i was just looking for this feature 2 days ago and found this PR... somehow i wasn't surprised to see your name 😉 |
I think I confused myself too 😆 With this PR, I took another pass over the docs, mentioned |
flokli
force-pushed
the
socket-activation
branch
from
5651e45 to
35d1d55
Compare
Instead of the listening addresses specified above, rclone will listen to all
FDs passed by the service manager, if any (and ignore any arguments passed by
`--{{ .Prefix }}addr`.
This allows rclone to be a socket-activated service. It can be configured as described in
https://www.freedesktop.org/software/systemd/man/latest/systemd.socket.html
It's possible to test this interactively through `systemd-socket-activate`,
firing of a request in a second terminal:
```
❯ systemd-socket-activate -l 8088 -l 8089 --fdname=foo:bar -- ./rclone serve webdav :local:test/
Listening on [::]:8088 as 3.
Listening on [::]:8089 as 4.
Communication attempt on fd 3.
Execing ./rclone (./rclone serve webdav :local:test/)
2024/04/24 18:14:42 NOTICE: Local file system at /home/flokli/dev/flokli/rclone/test: WebDav Server started on [sd-listen:bar-0/ sd-listen:foo-0/]
```
This was missing the fact rclone also supports listening on Unix Domain Sockets.
It fails to build on plan9, which is part of the rclone CI matrix, and the PR fixing it upstream doesn't seem to be getting traction. Stub it on our side, we can still remove this once it gets merged.
flokli
force-pushed
the
socket-activation
branch
from
35d1d55 to
c0338ba
Compare
|
@ncw friendly ping :-) is there anything left you want me to change here, or can we land this? |
ncw
left a comment
ncw
left a comment
There was a problem hiding this comment.
Sorry for the delay in review - been on vacation !
Let's merge this for v1.68
Thank you :-)
3 participants
Instead of the listening addresses specified above, rclone will listen to all FDs passed by the service manager, if any (and ignore any arguments passed by
--{{ .Prefix }}addr.This allows rclone to be a socket-activated service. It can be configured as described in https://www.freedesktop.org/software/systemd/man/latest/systemd.socket.html
It's possible to test this interactively through
systemd-socket-activate, firing of a request in a second terminal:What is the purpose of this change?
Closes #7783
Was the change discussed in an issue or in the forum before?
#7783
https://forum.rclone.org/t/systemd-socket-activation-for-rclone-serve/45644
Checklist