Ilia Denisov
2.2 KiB
2.2 KiB
Runtime and Components
The diagram below focuses on the deployed galaxy/gateway process and its
runtime dependencies.
flowchart LR
subgraph Clients
Public["Public REST clients"]
Authd["Authenticated gRPC clients"]
end
subgraph Gateway["Edge Gateway process"]
PublicHTTP["Public HTTP listener\n/healthz /readyz /api/v1/public/auth/*"]
AuthGRPC["Authenticated gRPC listener\nExecuteCommand / SubscribeEvents"]
AdminHTTP["Optional admin HTTP listener\n/metrics"]
BackendREST["backendclient.RESTClient\nsessions + public auth + user/lobby"]
BackendPush["backendclient.PushClient\nSubscribePush consumer"]
Replay["Replay reservation client"]
PushHub["PushHub"]
Dispatcher["Push event dispatcher"]
Telemetry["Logs, traces, metrics"]
end
Public --> PublicHTTP
Authd --> AuthGRPC
PublicHTTP --> BackendREST
AuthGRPC --> BackendREST
AuthGRPC --> Replay
AuthGRPC --> PushHub
BackendPush --> Dispatcher
Dispatcher --> PushHub
PublicHTTP --> Telemetry
AuthGRPC --> Telemetry
AdminHTTP --> Telemetry
Redis["Redis\nanti-replay reservations only"]
Backend["backend service\nHTTP + gRPC"]
Metrics["Prometheus / OTLP collectors"]
BackendREST --> Backend
BackendPush --> Backend
Replay --> Redis
Telemetry --> Metrics
Notes:
cmd/gatewayrefuses startup when Redis connectivity, the backend endpoint, or the response signer is misconfigured.- Session lookup is synchronous: every authenticated gRPC request triggers one
GET /api/v1/internal/sessions/{id}call to backend; there is no process-local projection. backendclient.PushClientkeeps a long-livedPush.SubscribePushstream open. The dispatcher converts inboundpushv1.PushEventframes into eitherPushHub.Publish(for client events) orPushHub.RevokeDeviceSession/PushHub.RevokeAllForUser(forsession_invalidation).user.*andlobby.*authenticated routes are forwarded to backend through the same REST client, withX-User-Idcarrying the verified identity.- The admin listener is optional and serves only Prometheus text metrics.