Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / be74284cb84581b7217a934d2a771edb7c948223^! / . / metropolis / test / nanoswitch / nanoswitch.go
commitbe74284cb84581b7217a934d2a771edb7c948223[log] [tgz]
authorSerge Bazanski <serge@monogon.tech>Mon Apr 04 13:18:50 2022 +0200
committerSergiusz Bazanski <serge@monogon.tech>Wed Apr 06 09:52:24 2022 +0000
treec943b51d32f0f0c0f81b97faa4660a9099b3caee
parentfe7134b0b25b620b6f40b1f41f37ab93fca6d3c0 [diff] [blame]
m/test: implement SOCKS proxy in cluster tests

This uses the new socksproxy package to run a proxy server in the
nanoswitch, and uses it within tests to access the test cluster's nodes.

The cluster test code (and nanoswitch) still forward traffic to the
first node, but this will be gradually removed as SOCKS support is
implemented in metroctl and the debug tool. Forwards from host ports to
different node can then be implemented as part of the dbg tool (instead
of the cluster launch code) to maintain a simple interface during debug
and development.

We also use the opportunity to make the non-cluster launch code not
Metropolis specific (by removing an assumption that all ports on all
nodes are Metropolis ports). In the long term, we will probably remove
non-cluster launches entirely (or further turn this code into just being
a 'launch qemu' wrapper).

Change-Id: I9b321bde95ba74fbfaa695eaaad8f9974aba5372
Reviewed-on: https://review.monogon.dev/c/monogon/+/648
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>

diff --git a/metropolis/test/nanoswitch/nanoswitch.go b/metropolis/test/nanoswitch/nanoswitch.go
index de04a42..5cc2077 100644
--- a/metropolis/test/nanoswitch/nanoswitch.go
+++ b/metropolis/test/nanoswitch/nanoswitch.go

@@ -20,7 +20,10 @@
 // served by a built-in DHCP server. Traffic from that network to the
 // SLIRP/external network is SNATed as the host-side SLIRP ignores routed
 // packets.
-// It also has built-in userspace proxying support for debugging.
+//
+// It also has built-in userspace proxying support for accessing the first
+// node's services, as well as a SOCKS proxy to access all nodes within the
+// network.
 package main
 
 import (
@@ -312,6 +315,7 @@
 		supervisor.Run(ctx, "proxy-dbg1", userspaceProxy(net.IPv4(10, 1, 0, 2), common.DebugServicePort))
 		supervisor.Run(ctx, "proxy-k8s-api1", userspaceProxy(net.IPv4(10, 1, 0, 2), common.KubernetesAPIPort))
 		supervisor.Run(ctx, "proxy-k8s-api-wrapped1", userspaceProxy(net.IPv4(10, 1, 0, 2), common.KubernetesAPIWrappedPort))
+		supervisor.Run(ctx, "socks", runSOCKSProxy)
 		supervisor.Signal(ctx, supervisor.SignalHealthy)
 		supervisor.Signal(ctx, supervisor.SignalDone)
 		return nil