Overview

private location worker overview

private location worker overview

The private location worker allows customers to include non-publicly available applications in Octomind test generation and execution. It is run by the customer within their private network, enabling it to reach internal applications for testing. The worker acts as a combination of a proxy and tunneling mechanism, connecting the private network with the Octomind tool. This feature ensures secure access to applications hosted behind firewalls or other private environments.

Features

Tunneling with FRP

The tunneling is managed using FRP, connecting the worker’s frp-client to Octomind’s proxy servers (EU or US). It requires access permission to specific public IPs: 35.192.162.70, 34.159.153.198 or 34.129.193.156.

Access to private web applications

The embedded Squid proxy server allows requests from the private network, mimicking public proxy requests from within the customer’s network.

Test execution and generation

After registering the worker with Octomind, users can configure the proxy location for executing generation or test runs.

Usage

Customer can run and build the private location worker on their premises using a container. Container image will be provided by Octomind, see registry, or it can be built on your own. See below to run the container a few environment variables are needed.

Environment vars

  • APIKEY: the octomind APIKEY for your organization
  • PLW_NAME: name of the private locations worker as registered in the octomind platform (name must match)
  • PROXY_USER: username for the (squid) proxy
  • PROXY_PASS: password for the (squid) proxy
  • SERVER_ADDR: the address of the server that the worker will connect (default: 35.159.153.198)
The PROXY_USER and PROXY_PASS will protect your local proxy from authenticated access. When the worker starts it will register with the octomind platform and set the proxy user and pass, so that the octomind agent and test runner can of course use the proxy. You can start as many private location worker as you like, but each must be registered by name with octomind first. The name must be unique for your organization.
Currently, only one instance of the worker is supported. We will support multiple instances of the worker with the same name as we scale.

Run

Private location worker can simply run as docker container: 
docker run --rm -e PLW_NAME=worker1 -e APIKEY=12345 -e PROXY_PASS=secret -e PROXY_USER=octo eu.gcr.io/octomind-dev/plw:latest
or use a docker composed like this: 
services:
  private-location-worker:
    image: eu.gcr.io/octomind-dev/plw:latest
    environment:
      APIKEY: 1234
      PLW_NAME: worker1
      PROXY_USER: foo
      PROXY_PASS: bar
    restart: on-failure
or on kubernetes it would look like this: 
apiVersion: v1
kind: Pod
metadata:
  name: private-location-worker
spec:
  containers:
    - name: plw
      image: eu.gcr.io/octomind-dev/plw:latest
      env:
        - name: APIKEY
          value: <your api key>
        - name: PLW_NAME
          value: staging
        - name: PROXY_USER
          value: proxy
        - name: PROXY_PASS
          value: secret11

Security considerations

  • The container image is open-source, allowing customers to review and build their own versions. Check out its GitHub repo.
  • Network access can be restricted to the tunnel server and test targets.
  • The Squid proxy requires authentication, ensuring secure access. Username and password is controlled by the customer.

Sequence on connect

Sequence on disconnect