Scope
Tracking issue only — the Dataiku DSS extension code lives in a separate repo. Implementation will happen there; this issue exists so the work is visible alongside the rest of the kiji-proxy roadmap.
Motivation
The Dataiku DSS extension currently talks to the proxy over a TCP loopback port. Switching to a Unix domain socket would:
- Remove the need to pick / reserve a TCP port on the DSS host (avoids conflicts with other services).
- Eliminate exposure on the loopback interface — sockets are gated by filesystem permissions, so only the DSS user (or an explicit group) can connect.
- Slightly lower latency / overhead vs. TCP for same-host IPC.
Proposal
- Update the DSS extension to connect to the proxy via a Unix socket path (configurable, with a sensible default like
/var/run/kiji-proxy.sock or $XDG_RUNTIME_DIR/kiji-proxy.sock).
- Ensure the proxy side supports listening on a Unix socket (verify / add as needed in this repo).
- Document socket permissions (owner, group, mode) so DSS can read/write but unrelated users can't.
- Provide a fallback / migration note for existing DSS deployments still on TCP.
Acceptance criteria
Notes
- Windows DSS hosts don't have first-class Unix socket support; keep TCP as a fallback there.
- Implementation PRs will land in the DSS extension repo, not here.
Scope
Tracking issue only — the Dataiku DSS extension code lives in a separate repo. Implementation will happen there; this issue exists so the work is visible alongside the rest of the kiji-proxy roadmap.
Motivation
The Dataiku DSS extension currently talks to the proxy over a TCP loopback port. Switching to a Unix domain socket would:
Proposal
/var/run/kiji-proxy.sockor$XDG_RUNTIME_DIR/kiji-proxy.sock).Acceptance criteria
Notes