GithubHelp home page GithubHelp logo

cephalopod's Introduction

Not proper doc.

CEPHALO + POD

Two sub-projects:

  • cephalo: portal, ochestrator
    • UI and REST API for managing pods
    • Reverse proxy to each pod via paths /pod/POD_NUMBER/(wetty,theia)
    • SSL termination
    • Basic auth for access to theia
  • pod: the container and its app
    • The container process is sshd
    • Reverse proxy to wetty (terminal) and theia (IDE) apps via path /pod/POD_NUMBER/(wetty|theia)

ACCESS TO POD

AUTH

Users authenticate to the portal or the containers via AD.

Only the creator of a pod can:

  • Connect to its theia UI
  • Kill the pod

Other users can connect to a pod via wetty or ssh as user pair/pair. They will be able to view or type on the owner's main tmux session if explicitly authorised.

SECURITY

TECHS

FILES

FLOW

  • Image build - Dockerfile
    • Copies scripts to /pod
    • Installs packages
    • Creates pair user
  • Container start - /pod/entrypoint
    • Creates user
    • Calls /pod/user-init under user's uid
      • Clones user's linux-home
  • Login
    • /pod/pod-profile.sh sourced by user's .bash_profile
      • Decrypts user secrets
      • Clones projects into ~/src
      • Starts tmux

UPDATING THE DOCKER BASE IMAGE

This assumes you can run docker from your workstation.

workstation $ cd ./pod
# Hack the provisioning script
workstation $ vim build/provision
# In a new terminal start a container running a shell on rhel base image
workstation $ ./build/container-shell centos:7
# As you are changing the script, test it by running it in the container
# Keep the script idempotent to make development easier.
container $ /pod/build/provision
# Manually start the container's entrypoint (use your own staff id and name)
container $ /pod/runtime/entrypoint 0 none 43880338 "Henri" \
    FIXME https://github.com/perpen/pod-linux-home.git \
    FIXME https://github.com/krishnasrinivas/wetty.git

You can then test the pod via:

Finally push your changes to git and create a PR.

HOME DIRECTORY, SECRETS

cephalopod's People

Contributors

perpen avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.