Single port binding for corporate environments

labgrid-project / labgrid

Embedded systems control library for development, testing and installation

https://labgrid.readthedocs.io/

Other

328 stars 167 forks source link

Single port binding for corporate environments #186

Closed leopck closed 5 years ago

leopck commented 6 years ago

It seems that labgrid-client requires the use of multiple port number access to perform a simple console over Serial.

e.g.

In order to connect to the coordinator, we need to pass a WebSocket URL with a randomized? port number.
```
labgrid-client -x ws://10.202.145.10:20408/ws -p home con
```
Once the console is connecting, microcom will attempt to connect to the NetworkSerialPort via a port number that is automatically passed to microcom

microcom -s 115200 -t sirius02:48847

This post a problem for corporate companies as in corporate companies we have very strict regulations on port numbers. Lots of the port numbers are blocked off and labgrid-client console will not work in the enterprise environment.

Probably a good solution would be create a single port binding (e.g. 80, 443) and perform a port multiplexing, each port can be identified by a UID or a randomized token.

Any plans for this? I could help out in this if I can find the time.

leopck commented 6 years ago

This project looks promising as a starting point. https://github.com/khuevu/http-tunnel

It looks to me that it is able to tunnel all the port from the server and client thru port 80.

jluebbe commented 6 years ago

The coordinator port can be configured in .crossbar/config.yaml. Then you need to use the matching URL with labgrid-client -x. For accessing the resources, the next step should be to use SSH port forwarding via the exporters. They are directly connected to the resources (either locally via USB or via a local network). By connecting to the exporter via SSH, you already have the functionality to execute local programs (fastboot, imx-usb-loader, dd) and can dynamically add port forwarding (for serial, ssh to the target, ...). This way, you can also reuse the existing auth mechanisms of SSH.

leopck commented 6 years ago

@jluebbe not sure by what you meant with

to use SSH port forwarding via the exporters.

Any examples you could provide? My team is looking forward to this. 👍

leopck commented 6 years ago

@jluebbe Any responds for this? I really hope this issue can be fixed ASAP.

jluebbe commented 6 years ago

There is no support for this implemented yet, so if you need access to resources which are not in your LAN now, you'll have to add this yourself. For our current use case, this doesn't have a high priority, as all our resources are in our lab LAN. If you're interested in contributing this, I'd be happy to write down how it could fit in with the current RemotePlace class/resource handling and how we could mange one SSH process for multiple forwards.

jluebbe commented 5 years ago

@leopck There is now the PR #308 which adds support for something like this. Could you check if that also covers your use case?

Emantor commented 5 years ago

PR #428 has been merged and SSH can be used as a single transport for connections. Closing this, if you have any questions, reopen or chat with us in the #labgrid channel on freenode.