1.1 KiB
| type | after | |
|---|---|---|
| task |
|
A mechanism should be developed, using NATS, for a host A to double check that
host B can connect to it on a certain host:port. This can be used for a couple
use-cases:
-
Make sure that VPN public address is connectable prior to being configured.
-
Make sure that garage RPC port is connectable prior to being configured.
-
Make sure that HTTP(s) ports are connectable prior to being configured (future).
The host which is configuring a port to be opened will always be the one to initiate the process. It will:
-
Open a dummy HTTP server on the port in question, with a handler which always returns a randomly generated token.
-
Publish an RPC request on NATS which indicates which
host:portit wishes to confirm connectability and the token. -
Waits for a response to the NATS request indicating either that the connection was successful, or an error indicating why it wasn't. Errors could include:
- Timeout (probably blocked by firewall)
- Challenge token not returned (something else is listening at that port)