-
Notifications
You must be signed in to change notification settings - Fork 30
service discovery on ipfs #15
Comments
To translate this into something a bit more concrete, you can do this today by doing: Pick a nonce, something to be prepend to your service names ; this essentially defines your network. If someone else knows this nonce they'll be able to spoof and/or read the state of your service availability. Publish service availability by publishing a block consisting of { nonce + service name }. In other Finding a service by doing |
to create a 'raw block' with the data you want, you need to use Also, anyone who knows your |
oh, good point wrt And yup, |
So: Is there a way to do service discovery without being spoofable? |
Well, not in a decentralized manner. If you want a single node to control service discovery you could have peers register with the 'master' node and have it build a list for peers to use. |
You could avoid spoofing by including a public key with the service name in the block, and then sign all traffic from that service with it. |
TL;DR of the issue I linked from: Paid pin services are a worrying sign. IMO we have enough centralization already; if we let corporate entities manage most of IPFS' replication/redudancy for money, then what's the point of even having IPFS? We need to step up and not allow it to turn into a WWW copy. I feel the mechanism outlined here can be used in the scenario of people/organizations willing to donate bandwidth and storage and hopefully eliminate the need for paid pin services. Plus, I don't think encryption would be needed. We can devise a specifically crafted block which states exactly "I am a traffic and storage donator". Nothing secret or needing spoof protection here I think. The part I can't figure out yet (being a total novice in IPFS) is how to also state "I can offer up to 3MB/s upload and 6MB/s download, and I am willing to donate 150GB of space, of which 107GB are free right now". Is there a way to provide such an additional information to somebody after they discover me via the above technique? |
Is there any discussion of after you find such a service how you might do port discovery? is there something like |
Services are identified by protocol name, not port. You'd connect to the peer and then use our multistream protocol to connect to the service in question. |
I definitely feel the multistream stuff is the right idea, but I'm not completely understanding it or how it would work with existing services. I suppose you would write some kind of proxy to a running service and attach that to some protocol name? For instance, if I had a web service that, when given an ipfs object id, returns a list of related objects... that would be something tied to a multistream protocol via a go/js program that listens and proxies requests to that running server? I'm finding it hard to understand the documentation for multistream everything because it uses a lot of multihashes and doesn't say what they are. would a multistream solution to finding service+port be to have "/ipfs//my-related-object-service/1.0" respond by proxying to that service (perhaps producing json or w/e)? (after the w/e appropriate multistream handshake/lookup/etc) If so, seems like a very reasonable solution. |
Yes. We actually have a command that does this. Take a look at the
In multistream, protocols are just strings. In the examples, we use IPFS paths. However, in practice, we currently use paths like
Yes.
Not sure what you mean here. |
I understand the service discovery part here: But how can you find additional information about the peers here? For instance, how could you link from this block to another block served by that peer which contained service info? It would be great if you could go from service discovery to service info discovery. Any thoughts? |
Here is my strategy so far. When you discover peers and select them by service (however you do it, as you describe is fine), you then know there is some kind of service operating on that peer. You can proxy to that service and just contact it directly. You don't know which port the service is on, but IPFS does tunnel at least one known HTTP service as part of its daemon. So, I set up a custom protocol serving JSON over HTTP that can report service information (port, etc) which can be used with other tools. However, if such a service already has a web-based API, you can just bridge it over that IPFS p2p http proxy, which works very well! Thankfully, if you have such a service running already, setting it up with IPFS is fairly straightforward. These specifically use the "experimental" options that you have to enable at the server-side with " On the server side, with an IPFS daemon running, I do an extra step to have the IPFS p2p proxy to my existing web service, also hosted on that same server: ipfs p2p listen /x/my-service/http /ip4/127.0.0.1/tcp/9292 Where
Where In my specific case, the web service I'm bridging can report information about itself through its own web API. It has a route You can do everything through that proxy, or just use that proxy to the service's web API to retrieve basic information and then switch to accessing the service directly a more traditional way. My service is a federated software archive, and I'm doing distribution of versioned repositories using IPFS as a discovery mechanism. The experimental flags don't bother me since I'm already vendoring the IPFS binary and the system maintains and initializes its own IPFS root. This strategy is working really well, but I'm curious what others think and if there are more "official" ways to do this. Cheers. |
This is really interesting. I think I will stay away from using ipfs for messaging. We need really high throughput of a custom type. |
Hm, not sure why this is being reopened. But currently IPFS supports pub-sub and we have used this pretty well to implement service discovery. We implemented a blockchain using IPFS for storage and use then pub-sub to discover all other peers participating in our blockchain and which blocks they mined. See source code and relevant section here. |
The question of service discovery on ipfs has been asked a few times, so I figured I would write out my thoughts on the matter.
Ipfs has a built in mechanism for nodes to advertise that they have a certain chunk of data, this mechanism is called "Providers". It is as simple as telling the routing system "I Provide block X". And requests may be made of the routing system for providers of block X. We can slightly abuse this to have a way for peers running certain services to find eachother easily. By crafting a block unique to the service (I'll refer to this as the "Identification block"), and having all peers running the service "Provide" the block, finding peers running a given service is as easy as requesting providers for that services identification block.
The text was updated successfully, but these errors were encountered: