Brain Dump

Remote Procedure Call

Tags
networking

Is the idea of calling a procedure on a different machine. In practice the procedure can also be run on the same but in a different context (such as a different user or file-system jail).

Warn: A secure RPC will need to implement additional security checks including authentication and authorisation.

The key values of RPC are:

  • Privilege Separation: The procedure can run with different (lower or higher) privileges to the caller. This can be used to improve security by ensuring components operate with the least privilege needed to function.
  • Stub Code & Marshalling: Refers to the necessary code to hide the complexity of an RPC. This code looks to the caller as a regular function call but internally it'll marshal the data into a format the remote server can understand (example: JSON/XML or more likely something like gRPC) and receive over a byte steam, and then transmit it to the server over the network or local file-descriptor and return the response from the server back to the caller in a format the caller can understand.

    Note: RPC implementation requires conventions on data serialisation. Even simple types have several common choices. For example is an integer signed or unsigned? Does it have a fixed number of bytes or variable depending on magnitude? Is the encoding little Endian or big Endian?

    • Interface Description Language: Is a dedicated language to generate stub-code and marshalling from data objects, messages, and service specifications. This improves the maintainability of a system because writing stub code by hand is painful, tedious and error prone. An example of such a language is Googles protocol buffer.