Private location worker
How to access applications that are not publicly available
Overview
private location worker overview
The private location worker allows customers to include non-publicly available applications in Octomind test generation and execution. It is run by the customer within their private network, enabling it to reach internal applications for testing.
The worker acts as a combination of a proxy and tunneling mechanism, connecting the private network with the Octomind tool. This feature ensures secure access to applications hosted behind firewalls or other private environments.
Features
Tunneling with FRP
The tunneling is managed using FRP, connecting the worker’s frp-client to Octomind’s proxy servers (EU or US).
It requires access permission to specific public IPs: 35.192.162.70 or 34.159.153.198.
Access to private web applications
The embedded Squid proxy server allows requests from the private network, mimicking public proxy requests from within the customer’s network.
Test execution and generation
After registering the worker with Octomind, users can configure the proxy location for executing generation or test runs.
Usage
Customer can run and build the private location worker on their premises using a container.
Container image will be provided by Octomind, see registry, or it can be built on your own. See below to run the container a few environment variables are needed.
Environment vars
- APIKEY: the octomind APIKEY for your organization
- PLW_NAME: name of the private locations worker as registered in the octomind platform (name must match)
- PROXY_USER: username for the (squid) proxy
- PROXY_PASS: password for the (squid) proxy
- SERVER_ADDR: the address of the server that the worker will connect (default:
35.159.153.198)
The PROXY_USER and PROXY_PASS will protect your local proxy from authenticated access. When the worker starts it will register with the octomind platform and set the proxy user and pass, so that the octomind agent and test runner can of course use the proxy.
You can start as many private location worker as you like, but each must be registered by name with octomind first. The name must be unique for your organization.
Currently, only one instance of the worker is supported. We will support multiple instances of the worker with the same name as we scale.
Run
Private location worker can simply run as docker container:
docker run --rm -e PLW_NAME=worker1 -e APIKEY=12345 -e PROXY_PASS=secret -e PROXY_USER=octo eu.gcr.io/octomind-dev/plw:latest
or use a docker composed like this:
services:
private-location-worker:
image: eu.gcr.io/octomind-dev/plw:latest
environment:
APIKEY: 1234
PLW_NAME: worker1
PROXY_USER: foo
PROXY_PASS: bar
restart: on-failure
Security considerations
- The container image is open-source, allowing customers to review and build their own versions. Check out its GitHub repo.
- Network access can be restricted to the tunnel server and test targets.
- The Squid proxy requires authentication, ensuring secure access. Username and password is controlled by the customer.