Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Decisions pending feedback #6

Open
kanpov opened this issue Nov 17, 2024 · 1 comment
Open

Decisions pending feedback #6

kanpov opened this issue Nov 17, 2024 · 1 comment
Labels
enhancement New feature or request question Further information is requested
Milestone

Comments

@kanpov
Copy link
Member

kanpov commented Nov 17, 2024

Some controversial-ish design decisions I've made with the fctools API. I'd like some feedback from users about whether these decisions affect their DX and how. This is to prepare for a 1.0 release where these decisions are finalized:

  1. Dependency on nix crate. nix is not an internal dependency, it leaks out into public API with its Uid and Gid newtypes as of 0.5
  2. Very limited (if any) support for dynamic dispatch. With Removal of async-trait #3, the vast majority of traits in the public API except for CommandModifier which is stored in a Vec<Box<dyn CommandModifier>> are now fully incompatible with dyn. For me, this is inconsequential and provides benefits by not having to run proc macros on impls of these traits, as well as reducing runtime overhead associated with future boxing, but that may not be the case for others.
  3. Ownership limitations. Ownership is the major friction point of Firecracker SDKs, to which there are two solutions: pretend it doesn't exist (see Go SDK) or support the subset of ownership cases that makes maintainers (me) still stay sane. I've chosen the latter and 4 models are supported, which are implemented very well but do not support the "omnipresent host agent god" use-case, where 1 control process running as user A observes jailed VMs that each have a separate non-root user, i.e. B, C, D, E, F etc. Is it necessary for end-users to have this support or is the solution of 1 control process per such user attainable via fork()+setuid()?
@kanpov kanpov added enhancement New feature or request question Further information is requested labels Nov 17, 2024
@kanpov kanpov added this to the 1.0 milestone Nov 17, 2024
@kanpov
Copy link
Member Author

kanpov commented Dec 14, 2024

nix dependency problem has been basically resolved by having a choice between nix (libc wrapped syscalls) and rustix (direct syscalls) via removing sys-nix default feature. The Uid and Gid no longer leak into public API, u32s are used instead.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request question Further information is requested
Projects
None yet
Development

No branches or pull requests

1 participant