Home

Awesome

Build Status

trapperkeeper-rpc

This library enables transparent RPC implementation for TrapperKeeper services. It provides two things:

Clojars Project

Feature Overview

Planned features:

Example usage

(ns gnarlytimes.services
    (:require [puppetlabs.trapperkeeper.core :refer [defservice]]
              [puppetlabs.trapperkeeper.rpc.core :refer [defremoteservice]]))

;; (note: TK best practices are eschewed for the sake of brevity)

;; A service protocol
(defprotocol MathService
    (add [this x y])
    (divide [this x y]))

;; The traditional (or "concrete") implementation of the MathService protocol
(defservice math-service
    MathService
    []
    (add [this x y] (+ x y))
    (divide [this x y] (/ x y)))

;; A proxied implementation of MathService for use via RPC
(defremoteservice remote-math-service
    MathService
    (add [this x y])
    (divide [this x y]))

Given the following config:

  {:rpc {;; currently supported: :msgpack and :json, both via transit
         :wire-format :msgpack

         ;; settings for making signed requests to the rpc server
         :ssl {:client-cert "dev-resources/ssl/client-cert.pem"
               :client-key "dev-resources/ssl/client-key.pem"
               :client-ca "dev-resources/ssl/ca.pem"}


         ;; This maps service IDs to RPC settings used by both the RPC
         ;; client and server components.
         :services {:MathService
                    {;; used by the RPC server service to find service functions
                     :protocol-ns "gnarlytimes.services"
                     ;; each service's RPC endpoint can have its own cert whitelist
                     :certificate-whitelist "dev-resources/ssl/math-service-cert-whitelist"
                     ;; the client uses this to issue RPC calls
                     :endpoint "https://localhost:9002/rpc/call"}}}

   ;; a webserver that will listen for RPC calls.
   :webserver {:rpc {:ssl-host "0.0.0.0"
                     :ssl-port 9002
                     :ssl-key "dev-resources/ssl/key.pem"
                     :ssl-cert "dev-resources/ssl/cert.pem"
                     :ssl-ca-cert "dev-resources/ssl/ca.pem"})}

and two TK stacks, one with a bootstrap.cfg like this:

puppetlabs.trapperkeeper.rpc.services/rpc-server-service
gnarlytimes.services/math-service

and another like this:

gnarlytimes.services/remote-math-service

The latter can issue calls to the functions defined by MathService as if the service was defined locally.

Error handling

There are three classes of exceptions thrown by this library during an RPC call. An RPCConnectionException is thrown when a given service's endpoint is unreachable or otherwise uncommunicative. An RPCAuthenticationException is thrown if the calling client's certificate is not on the whitelist for that service on the server side.

Should the remotely called service function throw an exception, the stack trace from the remote server is returned as part of an RPCException. This exception is also used for cases of misconfiguration (ie trying to call a function that does not exist in the RPC server's TK stack).

Running the tests

lein test

Author

Nathaniel Smith nathaniel@puppetlabs.com

Contributors

Support

To file a bug, please open a Github issue against this project. Bugs and PRs are addressed on a best-effort basis. Puppet Labs does not guarantee support for this project.

License

Copyright © 2015 Puppet Labs

Distributed under the Apache License, Version 2.0