If you start a web service on a sandbox host, it is not publicly available. The learner can send web requests through our inbound proxy:
Every sandbox hosts has a unique subdomain URL on the proxy. This is the format of the URL:
There are three components in the subdomain:
Hostname: The name of the sandbox host in config.yml. (A sandbox host is a VM or a container.)
Port: The port to forward the traffic to. If you're forwarding traffic to a container, make sure to expose the port in config.yml.
Participant ID: An identifier that uniquely identifies a sandbox environment. You can access the participant ID on any sandbox host through the environment variable
The inbound proxy authenticates incoming requests and terminates HTTPS:
Only requests from the learner who plays the track are forwarded.
Incoming requests are forwarded as plain HTTP(S)/1 to your sandbox hosts.
Your services can use TLS with (self-signed) certificates. Our proxy will accept any certificate, as long as it's not expired.
Sandbox hosts can connect to the public internet.
Instruqt provides internal DNS to hosts. If you add a host with the name
host1 , and another host with the name
host2, they can reach one another using their local name. Both container to container, container to VM (and vice versa) work:
[email protected]:~# ping host02 -c 1PING host02.cn7p5alqphbi.svc.cluster.local (10.96.8.158) 56(84) bytes of data.64 bytes from 10.96.8.158 (10.96.8.158): icmp_seq=1 ttl=63 time=1.34 ms