I'm trying to create a training/labs platform that would allow anyone to have an isolated pod/container to connect to and play with it. I was initially planning to do it in two steps:
- Have the user request a new instance into a "Manager", which will create a new pod and new random subdomain service using Traefik to redirect to the pod.
[RANDOM UUID].challenge1.platform.com
- The user can freely connect to the subdomain and the Load Balancer will redirect to the isolated pod.
However, the previous approach had some problems:
- If I want to deploy a challenge which exposes TCP ports there is no way for me to redirect to the pod by using domains, as TCP is not domain aware. To do so, I should give the user a unique IP instead of a domain (which removes the purpose of having a Load Balancer/Proxy). [If there is no other way to achieve it I would have to stick to this]
- Only a single HTTP port can be exposed. If I want more ports to be exposed I would have to create extra rules that would either use sub-subdomains or URI/paths.
port[x].[RANDOM UUID].challenge1.platform.com
or [RANDOM UUID].challenge1.platform.com/service[x]
To solve the previous problems I decided to have a "proxy" container. This container should listen on all the ports required by the training and redirect based on the request IP to a newly deployed pod for each request IP. This manager will be exposed under challenge1.platform.com and all users will be connecting to the same domain.
This approach would require me to write a custom "proxy" container that will forward the traffic to the desired pod. So I should keep track using a mapping of IP -> pod. The new pod/instance should either be deployed by every single new IP request or by manually triggering an endpoint on the proxy/manager such as a POST request on /new.
The manager will be periodically checking for "old" pods and killing them to clean resources. I still need to think about the way that I will notify the end-user that their pod is expiring or will be killed in x seconds.
I'm quite new to the K8s world and I would like to know if there is any other better way to approach my problem.
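
A sketch of the IP -> pod table and the periodic cleanup described in the question, as an added example that is not part of the original post. `PodRegistry`, `Lease`, the `spawn`/`kill` callbacks and the `max_pods` cap are hypothetical names; the callbacks stand in for whatever the manager uses to create and delete pods.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Lease:
    pod: str
    last_seen: float
    warned: bool = False


class PodRegistry:
    """Source IP -> pod table with idle expiry (hypothetical helper)."""

    def __init__(self, spawn, kill, ttl=1800.0, warn_before=120.0, max_pods=50):
        self.spawn, self.kill = spawn, kill  # callbacks supplied by the manager
        self.ttl, self.warn_before, self.max_pods = ttl, warn_before, max_pods
        self.leases = {}

    @staticmethod
    def key(addr):
        ip = ipaddress.ip_address(addr)  # raises ValueError on malformed input
        # A dual-stack listener reports IPv4 clients as ::ffff:a.b.c.d;
        # fold that form so one client does not end up with two pods.
        return str(getattr(ip, "ipv4_mapped", None) or ip)

    def route(self, addr, now):
        """Return the pod for this source IP, creating one on first contact."""
        k = self.key(addr)
        lease = self.leases.get(k)
        if lease is None:
            if len(self.leases) >= self.max_pods:  # bound resource use
                raise RuntimeError("pod quota reached")
            lease = self.leases[k] = Lease(self.spawn(k), now)
        lease.last_seen, lease.warned = now, False
        return lease.pod

    def reap(self, now):
        """Kill idle pods; return (leases to warn, pods killed)."""
        warn, killed = [], []
        for k, lease in list(self.leases.items()):
            idle = now - lease.last_seen
            if idle >= self.ttl:
                self.kill(lease.pod)
                del self.leases[k]
                killed.append(lease.pod)
            elif idle >= self.ttl - self.warn_before and not lease.warned:
                lease.warned = True  # warn once per idle period
                warn.append((k, lease.pod, self.ttl - idle))
        return warn, killed
```

Clients behind the same NAT arrive with one source IP and would share a single lease here, so the key identifies a network address rather than a person.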