Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[vnet][5] app proxying #41033

Merged
merged 13 commits into from
May 28, 2024
Merged

[vnet][5] app proxying #41033

merged 13 commits into from
May 28, 2024

Conversation

nklaassen
Copy link
Contributor

@nklaassen nklaassen commented Apr 30, 2024
edited
Loading

This is the sixth in a series of PRs implementing Teleport VNet RFD. parent

This PR completes an MVP tsh vnet implementation - with this PR connections are now forwarded all the way to the Teleport app and VNet is actually usable.

│Nics-MacBook-Pro:teleport nic$ nc -v netcat.one.private 123
│Connection to netcat.one.private port 123 [tcp/ntp] succeeded!
│Hello
│world!
│
├──────────────────────────────────────────────────────────────
│Nics-MacBook-Pro:teleport nic$ nc -lkv 127.0.0.1 12345
│Hello
│world!
│

All teleport clients are cached, I moved the clientcache out of lib/teleterm to share it with Connect. App certificates are automatically reissued on expiry, with a relogin to the cluster if necessary. Per-session MFA is supported. Cached cluster clients will be evicted after a relogin.

This includes the implementation for tsh vnet, with a goal of making it very easy to implement in Connect as well, the AppProvider interface is mostly modelled around the APIs available in Connect and what is already does for app gateways.

lib/vnet/vnet_test.go exercises the app resolver and alpn dialing, but it does not exercise any of the tsh code, I'll be adding integration tests for that later.

@nklaassen nklaassen added the no-changelog Indicates that a PR does not require a changelog entry label Apr 30, 2024
@github-actions github-actions bot added size/md tsh tsh - Teleport's command line tool for logging into nodes running Teleport. labels Apr 30, 2024
@nklaassen nklaassen mentioned this pull request Apr 30, 2024
Merged
@nklaassen nklaassen marked this pull request as draft April 30, 2024 18:19
@nklaassen nklaassen mentioned this pull request Apr 30, 2024
Open
@nklaassen nklaassen requested a review from ibeckermayer May 2, 2024 00:56
@nklaassen nklaassen mentioned this pull request May 2, 2024
Merged
@nklaassen nklaassen marked this pull request as ready for review May 2, 2024 01:25
@github-actions github-actions bot requested review from gabrielcorado and zmb3 May 2, 2024 01:25
@nklaassen nklaassen force-pushed the nklaassen/vnet5 branch 2 times, most recently from 96812d1 to 85cee19 Compare May 2, 2024 18:36
@nklaassen nklaassen marked this pull request as draft May 2, 2024 19:19
@nklaassen nklaassen changed the base branch from nklaassen/vnet4 to nklaassen/vnet-app-mfa May 2, 2024 22:57
Joerger
Joerger reviewed May 3, 2024
View reviewed changes
Copy link
Contributor

@Joerger Joerger left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just left a couple comments around the MFA changes.

tool/tsh/common/vnet_common.go Outdated Show resolved Hide resolved
tool/tsh/common/vnet_common.go Show resolved Hide resolved
@nklaassen nklaassen force-pushed the nklaassen/vnet-app-mfa branch from e0d1818 to bea76e5 Compare May 3, 2024 20:21
Base automatically changed from nklaassen/vnet4 to master May 24, 2024 17:42
@nklaassen nklaassen requested review from rosstimothy and removed request for fheinecke, smallinsky, AntonAM and strideynet May 24, 2024 22:07
@nklaassen nklaassen added this pull request to the merge queue May 28, 2024
Merged via the queue into master with commit d23ed24 May 28, 2024
38 checks passed
@nklaassen nklaassen deleted the nklaassen/vnet5 branch May 28, 2024 18:08
@public-teleport-github-review-bot
Copy link

@nklaassen See the table below for backport results.

Branch Result
branch/v16 Create PR

@nklaassen nklaassen mentioned this pull request May 28, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Joerger Joerger Joerger left review comments

@ravicious ravicious ravicious approved these changes

@rosstimothy rosstimothy rosstimothy approved these changes

@ibeckermayer ibeckermayer Awaiting requested review from ibeckermayer

Assignees
No one assigned
Labels
backport/branch/v16 machine-id no-changelog Indicates that a PR does not require a changelog entry size/md tsh tsh - Teleport's command line tool for logging into nodes running Teleport.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nklaassen @ravicious @Joerger @rosstimothy