英文:
Performance & security impact of enabling grpc server reflection
问题
我想知道启用服务器反射会对服务器性能产生什么影响,以及是否存在与之相关的安全问题。
英文:
I want to know what would be the impact on performance of server on enabling server reflection & if there are any security concerns with it.
答案1
得分: 2
Reflection服务不会影响性能,除了用于跟踪反射数据的内存之外。根据语言/实现方式的不同,反射服务可以转储二进制中使用的任何protobuf描述符(不包括注释)。是否应该担心这一点取决于您的环境和服务。
通常情况下,内部服务会一直启用它。当您有一个反向代理根据路径联系多个服务时,该服务通常不会暴露,除非您需要一个智能实现,该实现将多个后端的结果与代理的配置结合起来。
英文:
Reflection service couldn't impact performance, other than the memory it uses to track the reflection data. Depending on the language/implementation, the reflection service may be able to dump protobuf descriptors (which does not include comments) for any protobuf used in the binary. Whether that is a concern depends on your environment and service.
It is common to have it enabled all-the-time for internal services. When you have a reverse proxy that contacts multiple services depending on the path, the service is generally not exposed as you'd need a smart implementation that combines results from multiple backends and the proxy's configuration.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论