Container Isolations- Websocket reverse proxy - Remote Browser Isolations
Demo video
NOTE: use
password
as password to access the container
# pre-requisite - install minikube
# curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
# sudo install minikube-linux-amd64 /usr/local/bin/minikube
# minikube start
./run_k8s_minikube.sh
- Will create a docker network `rbix-network`
./run.sh
-
responsible for managing the containers and provisioning new rbix-rbi containers.
-
expose few endpoints
- /try endpoint to spin up a new container
- /status/{container_id} endpoint to check status of a container (running or not)
- /stop/{termination_token} endpoint to stop a container
-
Client, calls
POST http://api.rbixlabs.com/v1/try
-> rbix-api-server now spins up a new container and returns the session_id and termination_token, also schedules background job to terminate the container after 10 mins.
{
"session": "in.malwaresamathi.rbixlabs.com/dfv-4c1c34a5-4f1c-47ae-a812-e414f0fc41c9/ws",
"termination_token": "728bd120-aeb8-4b88-bcde-941e386d0e39",
"created_at": "2023-07-02T23:20:28.957607349 05:30",
"started_at": "2023-07-02T23:20:29.154287117 05:30",
"valid_till": "2023-07-02T23:30:29.257156717 05:30"
}
- it's a simple reverseproxy server, which will proxy the websocket connection to the specific container.
- when client connects to reverseproxy
ws://in.malwaresamathi.rbixlabs.com/dfv-4c1c34a5-4f1c-47ae-a812-e414f0fc41c9/ws
, it makes a downstream connection with therbix-rbi
container and upgrade the client connection to websocket. - upon successful connection, it will start streaming the message from the container to the client.
- simple websocket server, which will stream the message from the container to the client.
- just expose the container information to the client.
- doesn't implemented the remote browser isolation yet.
- Pixel pushing/streaming
- Page scrubbing
- max 65536 socket connections per server
- each socket connection last for min 3 min to max 10 mins
- in 1 hour, 6*65536 = 3,93,216 connections
- in 24 hours, (6*24)*65536 = 94,60,224 connections
# create network for rbix
docker network create rbix-network
- /v1/try endpoint to spin up a new container
- /v1/status endpoint to check status of a container (running or not)
- /v1/stop endpoint to stop a container