-
Notifications
You must be signed in to change notification settings - Fork 272
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
do we need 2 different GRPC implementations? #150
Comments
I don't think anything. 😁 They can all be gone for all I care. 🤷♀️ But I do think @BrynCooke actually preferred the grpcio implementation probably because it's the most compatible one. I think I remember he said it's the one what would be most used. Thanks for looking up and summarizing all the features. 🙏 I suppose this is more of a product kinda decision. |
I'll debug #149 to see if tonic is the issue |
Disclaimer: I'm not an expert on anything, and this is just stuff that I picked up when browsing the internet. https://crates.io/crates/opentelemetry-otlp#grpc-libraries-comparison The thing that makes me wary of tonic is that it uses rustls which is rather new vs openssl that is battle tested.
|
So, I tested CI timings in #153, based on #147 (which is already a bit faster than what we currently have):
About openssl, I disagree strongly and would rather we remove it entirely:
For me, the biggest argument against rustls is actually that it only supports TLS 1.2 and 1.3. Which is not a big issue because they have been officially deprecated, and for internal OTLP tools I'd suspect the configuration is modern enough. For requests to subgraphs (the other place where we use TLS) there might still be services using old versions? I am strongly against supporting TLS 1.0 and 1.1 in a new product in 2021 though. |
If rustls can use the OS supplied certificates then this sounds fine. As long as it is easy for an organisation to invalidate/replace certificates using whatever their standard process is and not have to deal with router specific configuration then it's a plus 1 from me. |
I'd suspect a lot of organisations will want a local collector in a sidecar anyway and that's where certificates will be managed |
Hashicorp vault sidecar is likely to be something we come across. |
For server certs we won't need it, since the router only needs the
certificate authority. For client side certificates, I think it could be
updated by changing the configuration file and reloading? We'll have to
test that, I'm not sure it works right now
…On Wed, Nov 17, 2021, 11:52 Bryn Cooke ***@***.***> wrote:
Hashicorp vault sidecar is likely to be something we come across.
It does beg the question, what happens when certs are updated, will we
need to restart the router pod?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#150 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAA5EACYOCOSNBM5AUFQW3TUMOCPHANCNFSM5IE23QHA>
.
|
I'm not opposed to dropping grpcio — at the very least, for the time being — since I think we lack enough concrete feedback on what protocols users necessitate in this regard right now. Plus, I think a fair bit of the OTLP protocol has only recently been stabilized if I'm not mistaken. We probably won't have a good pulse on what protocols are desired for a while, so it seems reasonable to remove it and reintroduce it if we find it necessary in the future. |
using s3 for this because codesandbox just randomly deleted the `federation-internals` package from their registry. i assure you this is only temporary.
Opentelemetry is set up to have 3 different exporters: HTTP, tonic(grpc) and grpcio( grpc)
I'd like to remove grpcio because building with this library greatly increases the compilation time and the size of the build directory, and we already have the tonic GRPC implementation.
On my machine, building apollo-router in debug mode:
cargo build --features tls,otlp-http,otlp-tonic -p apollo-router
: builds in 47s,target/
weights at 2.4GBcargo build --features tls,otlp-http,otlp-tonic,otlp-grpcio -p apollo-router
: builds in 1mn29s,target/
weights at 3.4GBThey apparently have different feature sets:
grpcio:
tonic:
Which features do we actually need? Can we contribute the missing ones in tonic? Can we get away with using tonic and a local collector thant handles credentials, custom headers, etc?
@cecton WDYT?
The text was updated successfully, but these errors were encountered: