Egress proxy support in Sail

coder / sail

Deprecated: Instant, pre-configured VS Code development environments.

https://sail.dev

MIT License

627 stars 36 forks source link

Egress proxy support in Sail #229

Open linux-china opened 5 years ago

linux-china commented 5 years ago

Thoughts from https://github.com/cdr/sail/issues/220 If you want to access services out of Sail container, for example services started from your project's docker-compose.yml, services started from brew or services in your local network. Add share.egress label to enable egress TCP proxy like following, and you can access from localhost, and it's easy. for example, just redis-cli. For some VS Code extension, for example MySQL, these extensions can access services easy with localhost without any modification. Andy it's very useful for Cloud Shell to access cloud services.

LABEL share.egress="host.docker.internal: 6379: 6379,host.docker.internal:3306:3306,192.168.1.33: 11211: 11211"

Toxiproxy is good option to implement egress proxy and useful to chaos testing. Of course, you can use Toxiproxy to implement this features, but some complicated. If Sail integrates this feature, and it will be easy for everybody.

teddy-codes commented 5 years ago

I think this issue should also be for ingress traffic if we have a bridge network.

deansheather commented 5 years ago

If we want to change it to a bridge network, I think we should just let the user decide which networks to add the container to using labels. And for port forwarding to the host, we could just automatically forward any EXPOSE statements to the host on the same port (or a random port if it's not available).

LABEL network.redis="test_redis"
LABEL network.mysql="test_mysql"

EXPOSE 8080
EXPOSE 3000

The problem with this, however, is that we don't have a standard way of ensuring everyone ends up with the same environment. One of the features on our README is No more "It works on my machine", everyone working on the same project is working in the same environment. Adding external container/application dependencies will reduce reproducability unless we make sure Sail ensures dependencies are met (i.e. a Sail version/integration of docker-compose).

deansheather commented 5 years ago

Had a chat with Kyle, we definitely recommend running services like databases inside of the sail container, as it improves reproducability dramatically.

I think if we do end up changing to container networking, it's definitely a good idea to allow for adding the container to bridge networks for any cases that do need it.

teddy-codes commented 5 years ago

Yea, I like the idea of adding databases to sail for reproducibility. I recently stopped using sail and started using docker-compose for this reason. Will definitely go back once these are added.