roadrunner icon indicating copy to clipboard operation
roadrunner copied to clipboard

Published 20 hours ago verified publisher icon roadrunner-server

[💡 FEATURE REQUEST]: Configuration to UNIX socket permissions

Open Starfox64 opened this issue 1 year ago • 14 comments

Plugin

None

I have an idea!

Add a configuration option to set the file permissions and ownership of UNIX sockets created for RPC, FastCGI, etc.

Right now it simply uses de default umask of the system which makes the socket inaccessible to non owners.

Starfox64 avatar Nov 26 '23 20:11 Starfox64

Hey @Starfox64 👋 Yeah, currently, RR uses the parent (RoadRunner's) process permissions to create sockets. RPC... hm, are you working with RPC/FCGI via UNIX sockets?

rustatian avatar Nov 27 '23 12:11 rustatian

Yes, I've switched to unix sockets for RPC and FastCGI, the performance increase is quite significant.

In my setup I have NGINX talking to RR's FastCGI and on the PHP side I use the KV plugin as a Laravel cache store:

  • TCP: 220 rqps
  • UDS: 306 rqps

Side note: I was quite surprised by this, as before I was using a Redis Sentinel cluster over the network (may have been on the same node, I didn't get to verify) was even faster (~320 rqps). I think there might be some improvement oportunities in the KV implementation.

Starfox64 avatar Nov 27 '23 16:11 Starfox64

Ah, got u @Starfox64 👍 Yeah, UNIX sockets are faster than TCP, and fastcgi handler is generally faster than a proxy_pass. I'll think about precise configuration of the permissions. Most likely, I'll spread the server.uid/server.gid options to all external file descriptors created by RR.

rustatian avatar Nov 27 '23 18:11 rustatian