Design Document #1
Conversation
DESIGN.md
Outdated
|
|
||
| GetJobStatus(JobStatusRequest) returns (JobStatusResponse) | ||
|
|
||
| GetJobLogs(JobLogsRequest) returns (JobLogsResponse) |
There was a problem hiding this comment.
It will return the updated logs if the job is still running. (Similar behavior as kubectl)
DESIGN.md
Outdated
| * Job output is captured and stored in memory and sent to CLI clients. | ||
|
|
||
| ### Job Execution: | ||
| * The process runs within its assigned cgroup. |
There was a problem hiding this comment.
How is the process added to the assigned cgroup?
There was a problem hiding this comment.
Can you clarify at what point the job PID is written to cgroup.procs? When does the child actually start executing, and when does it join the cgroup?
There was a problem hiding this comment.
The job is first executed, once we received the PID we add it to cgroup.procs
| * The action will run if the client identity is defined in `sentry-roles.toml` file and the user has permission for the action. | ||
| * The server validates request and spawns a new process using `/bin/sh -c`. | ||
| * The process is assigned to a cgroup with defined CPU, memory, and I/O constraints. | ||
| * Job output is captured and stored in memory and sent to CLI clients. |
There was a problem hiding this comment.
How does the library informs the gRPC that new data was written by the job and needs to be forwarded to clients?
can you iterate a bit on it?
There was a problem hiding this comment.
The library has a public method StreamOutput() that takes a callback function as a parameter.
type OutputCallback func(data []byte) error
func (m *JobManager) StreamOutput(jobID int32, callback OutputCallback) error {}The server will call this method with a function closure that calls the stream.
s.manager.StreamOutput(req.JobId, func(data []byte) error {
return stream.Send(&pb.JobOutput{
JobId: req.JobId,
Data: data,
})There was a problem hiding this comment.
What happens if one callback completes slowly, for example if the stream.Send() is on a slow connection?
There was a problem hiding this comment.
Once the job started a running goroutine in the background reads the stdout/stdout and calls stream.Send() for each client them to clients.
DESIGN.md
Outdated
| ### Job Initialization: | ||
| * User starts a job via CLI. | ||
| * The server authorizes the user against for the request against the roles defined in sentry-security. | ||
| * The client identity is the CN field of the CA |
There was a problem hiding this comment.
Which TLS parameters like version, cyphers... do you plan to use here?
There was a problem hiding this comment.
I will use TLS1.3 with the default AEAD cipher suites and curve preferences.
var defaultCipherSuitesTLS13 = []uint16{
TLS_AES_128_GCM_SHA256,
TLS_AES_256_GCM_SHA384,
TLS_CHACHA20_POLY1305_SHA256,
}var defaultCurvePreferences = []CurveID{
X25519, // X25519 (ECDH/curve25519)
CurveP256, // NIST P-256
CurveP384, // NIST P-384
CurveP521, // NIST P-521
}
| rpc KillJob (KillJobRequest) returns (KillJobResponse) {} | ||
| rpc GetJobStatus (JobStatusRequest) returns (JobStatusResponse) {} | ||
| rpc StreamJobLogs (JobLogsRequest) returns (stream JobOutput) {} | ||
| rpc ListJobs (ListJobsRequest) returns (ListJobsResponse) {} |
There was a problem hiding this comment.
Suggestion: remove support for listing - it is not a requirement for the challenge.
There was a problem hiding this comment.
But I need the job ids and the state of running jobs for testing?
There was a problem hiding this comment.
You should be able to get that from GetJobStatus though right?
There was a problem hiding this comment.
The start request could also return the identifier instead of an empty response.
There was a problem hiding this comment.
Right, removing it makes the testing more difficult while having the ListJob doesn't add so much to the code.
But I can still remove it if you have strong openion.
DESIGN.md
Outdated
| bool is_running = 1; | ||
| string status = 2; |
There was a problem hiding this comment.
Suggestion: use an enum instead of multiple fields?
There was a problem hiding this comment.
Removed status field. It is not needed.
There was a problem hiding this comment.
Does is_running provide enough information about a job though? Is it not running because the job ended or because a user stopped it?
There was a problem hiding this comment.
Would you explain how many states for status do we need?
- Stopped
- Finished
- Running
DESIGN.md
Outdated
| * Job output is captured and stored in memory and sent to CLI clients. | ||
|
|
||
| ### Job Execution: | ||
| * The process runs within its assigned cgroup. |
There was a problem hiding this comment.
Can you clarify at what point the job PID is written to cgroup.procs? When does the child actually start executing, and when does it join the cgroup?
| * The action will run if the client identity is defined in `sentry-roles.toml` file and the user has permission for the action. | ||
| * The server validates request and spawns a new process using `/bin/sh -c`. | ||
| * The process is assigned to a cgroup with defined CPU, memory, and I/O constraints. | ||
| * Job output is captured and stored in memory and sent to CLI clients. |
There was a problem hiding this comment.
What happens if one callback completes slowly, for example if the stream.Send() is on a slow connection?
DESIGN.md
Outdated
| ``` | ||
|
|
||
| ## Job IDs | ||
| Jobs are identified using UUIDs rather than process IDs or sequential counters. This choice addresses several key requirements: |
There was a problem hiding this comment.
nit, but it seems like some content is missing here?
| } | ||
|
|
||
| message StartJobRequest { | ||
| string command = 1; |
There was a problem hiding this comment.
If this includes command + arguments, how will it be executed? Will you be parsing the string yourself? If so, can you think of any design tweaks that might remove the need to do so?
There was a problem hiding this comment.
Yes, Ideally we want to be able to do something like sentry start -cmd bash -c 'i=1; while true; do echo "$i"; i=$((i+1)); sleep 1; done'.
There was a problem hiding this comment.
Right, this still would involve some level of parsing on both client and server since command is just a single string value, right? Can you think of a change to the data model that might simplify this?
There was a problem hiding this comment.
Yes, I have some ideas. I can handle that. I will change the data type.
There was a problem hiding this comment.
@timothyb89 Would something like this be acceptable? Note the -- after bash.
sentry start -cmd bash -- -c 'i=1; while true; do echo "$i"; i=$((i+1)); sleep 1; done'There was a problem hiding this comment.
I think that's a good start, but does the proto change at all to accommodate this?
There was a problem hiding this comment.
It will look like this
message StartJobRequest {
string command = 1;
repeated string commandArgs = 2;
}
DESIGN.md
Outdated
| } | ||
|
|
||
| message JobOutput { | ||
| int32 job_id = 1; |
No description provided.