swoole-src icon indicating copy to clipboard operation
swoole-src copied to clipboard

Published 20 hours ago verified publisher icon swoole

Feature Request: Ability to reload swoole configuration

Open martinssipenko opened this issue 7 years ago • 8 comments

It would be great to have a method on server that when called would reload the configuration that has previously been set using set() method.

martinssipenko avatar Oct 18 '18 11:10 martinssipenko

@martinssipenko i would like to give a +1 for your feature request, but actually, i have no real usecase... Can you give an example or some options where you like to re-set? :)

ghost avatar Oct 18 '18 13:10 ghost

@flddr Id like to reload ssl certificates as they get rotated automatically (by something like letsencrypt).

martinssipenko avatar Oct 18 '18 13:10 martinssipenko

@martinssipenko that's right - i would need that, too :+1: i should check this, have you tested something like:

Set the runtime settings of the swoole server. The settings can be accessed by $server->setting when the swoole server has started.

Please give feedback if you got :)

This is listed here https://www.swoole.co.uk/docs/modules/swoole-server-methods#swoole_server-set and https://wiki.swoole.com/wiki/page/13.html

By the way, it's a really good question how to hot reload SSL-Certs :wink:

ghost avatar Oct 18 '18 13:10 ghost

@martinssipenko

$server->setting works, you can change the values, but i haven't thought much about changeable values without reload yet 😉

Would be nice to know which values can be changed at runtime and which not 👍

ghost avatar Oct 18 '18 18:10 ghost

After server startup, change configuration may cause consistency problems.

matyhtf avatar Oct 19 '18 00:10 matyhtf

@flddr I tried changing the certificates in $server->setting and then doing $server->reload() and it still keeps using the old TLS cert. I'm assuming the certificates are loaded in memory and without a special command they won't be reloaded.

martinssipenko avatar Oct 19 '18 06:10 martinssipenko

Good issue 👍

@matyhtf what do you think about hot-reloading / renewal SSL certs? 😊

And: do you think we generally can distinguish between changeable and non-changeable values in $server->setting[]?

What's about a hot-reload of $https in something like:

$server = new swoole_http_server('0.0.0.0', 80, SWOOLE_BASE);
$https = $server->addListener('0.0.0.0', 443, SWOOLE_SOCK_TCP | SWOOLE_SSL);

$https->set([
  'ssl_cert_file' => '/.../fullchain.pem',
  'ssl_key_file' => '/.../privkey.pem',
  'open_http_protocol' => true,
]);

ghost avatar Oct 19 '18 07:10 ghost

Hi guys! Do you found sollution for dynamic ssl reloading on requests, something like this:

<?php

require 'vendor/autoload.php';


$server = new swoole_http_server("192.168.10.10", 443, SWOOLE_BASE, SWOOLE_SOCK_TCP | SWOOLE_SSL);

// setup the location of ssl cert files and key files
$ssl_dir = __DIR__.'/ssl_certs';
$server->set([
    'max_conn'           => 500,
    'daemonize'          => false,
    'dispatch_mode'      => 2,
    'buffer_output_size' => 2 * 1024 * 1024,
    'ssl_cert_file' => $ssl_dir . '/cert1.local.crt',
    'ssl_key_file' => $ssl_dir . '/cert1.local.key',
    'open_http2_protocol' => true, // Enable HTTP2 protocol
]);

$server->on('request', function ($request, $response) use ($server) {
    $server->set([
        'ssl_cert_file' => $ssl_dir . '/cert2.local.crt',
        'ssl_key_file' => $ssl_dir . '/cert2.local.key',
    ]);
   $server->reload();
    $response->end("<h1>Hello World. #".rand(1000, 9999)."</h1>");
});

$server->start();

This code not works properly, it still loads cert1 certificate, instead of cert2 (

fima228 avatar Jan 28 '19 14:01 fima228