Description
In cloud-native environments (ECS/Fargate, App Runner, Kubernetes, etc.), network topology and backend IPs can change due to scaling events, rolling deployments, or DNS updates. In these situations, long-lived gRPC channels can become stale or stuck in a half-open state.
While gRPC does attempt automatic reconnection, in practice this is not always sufficient for long-running services. Being able to explicitly close and recreate a channel is often necessary for deterministic recovery and graceful shutdown.
Currently, authzed-py does not expose any way to close the underlying gRPC channel created by the client. This makes it difficult to:
Explicitly recreate the client when network conditions change
Cleanly shut down applications without relying on garbage collection
Rotate credentials or force a reconnect in a controlled way
Avoid leaking sockets during redeploys or restarts
The underlying gRPC Python channel does support channel.close(), but this is not accessible through the public API.
Proposed improvement
Expose a close() (or similar) method on the Authzed client that delegates to the underlying gRPC channel’s close().
For example (illustrative):
client = AuthzedClient(...)
# ...
client.close()
This would allow applications to explicitly manage the client lifecycle without relying on implicit garbage collection or workarounds such as aggressive keepalive or connection age settings.
Notes:
This would be a backwards-compatible change
It aligns with lifecycle management patterns in other gRPC client libraries
Even if gRPC reconnect logic exists, having explicit control is important in dynamic cloud environments
Happy to help with a PR if this direction makes sense.
Description
In cloud-native environments (ECS/Fargate, App Runner, Kubernetes, etc.), network topology and backend IPs can change due to scaling events, rolling deployments, or DNS updates. In these situations, long-lived gRPC channels can become stale or stuck in a half-open state.
While gRPC does attempt automatic reconnection, in practice this is not always sufficient for long-running services. Being able to explicitly close and recreate a channel is often necessary for deterministic recovery and graceful shutdown.
Currently, authzed-py does not expose any way to close the underlying gRPC channel created by the client. This makes it difficult to:
Explicitly recreate the client when network conditions change
Cleanly shut down applications without relying on garbage collection
Rotate credentials or force a reconnect in a controlled way
Avoid leaking sockets during redeploys or restarts
The underlying gRPC Python channel does support channel.close(), but this is not accessible through the public API.
Proposed improvement
Expose a close() (or similar) method on the Authzed client that delegates to the underlying gRPC channel’s close().
For example (illustrative):
This would allow applications to explicitly manage the client lifecycle without relying on implicit garbage collection or workarounds such as aggressive keepalive or connection age settings.
Notes:
This would be a backwards-compatible change
It aligns with lifecycle management patterns in other gRPC client libraries
Even if gRPC reconnect logic exists, having explicit control is important in dynamic cloud environments
Happy to help with a PR if this direction makes sense.