CloudTunnel Atlanta Ruby Users Group October 2012

Editor's Notes

• #2: \n
• #3: - Let’s get the hard questions out of the way first.\n- For those of you who don’t know me, my name is Jonathan Manuzak\n- I’m the lead developer at a startup called CodeGuard, where we do website backup and monitoring\n\n
• #4: \n
• #5: Like most of you, I do most of my development on a laptop\nOk, maybe it looks more like this...\n
• #6: What’s more interesting is where I could be working from. I might be at the office, my house, a coffee shop, an airport or who knows where\n\n
• #7: - The one thing all of these situations have in common is that I’m behind a firewall or NAT device\n\nLet’s take a second to talk about these firewalls or nat devices\n
• #8: Firewalls are like diodes, they really prefer for things to go in one direction. In the case of firewalls, it’s out. You can connect to websites, email, maybe FTP.\n\n- Even if you could make these changes they can be a security risk\n- It’s really never accessible to the rest of the world\n
• #9: Firewalls are like diodes, they really prefer for things to go in one direction. In the case of firewalls, it’s out. You can connect to websites, email, maybe FTP.\n\n- Even if you could make these changes they can be a security risk\n- It’s really never accessible to the rest of the world\n
• #10: Firewalls are like diodes, they really prefer for things to go in one direction. In the case of firewalls, it’s out. You can connect to websites, email, maybe FTP.\n\n- Even if you could make these changes they can be a security risk\n- It’s really never accessible to the rest of the world\n
• #11: Firewalls are like diodes, they really prefer for things to go in one direction. In the case of firewalls, it’s out. You can connect to websites, email, maybe FTP.\n\n- Even if you could make these changes they can be a security risk\n- It’s really never accessible to the rest of the world\n
• #12: - But, the rest of the world has lots of cool stuff and people!\n\n\n
• #13: - You may want to share an app you’re working on with a client instead of sending screenshots\n\n
• #14: - Then there are services, full of webhooks and callbacks\n- OAuth Authentication providers\n- Payments\n- Communications\n\nThis stuff can be painful to develop if you have to keep deploying, testing, deploying, testing\n\n\n\n\n
• #15: - Then there are services, full of webhooks and callbacks\n- OAuth Authentication providers\n- Payments\n- Communications\n\nThis stuff can be painful to develop if you have to keep deploying, testing, deploying, testing\n\n\n\n\n
• #16: - Then there are services, full of webhooks and callbacks\n- OAuth Authentication providers\n- Payments\n- Communications\n\nWith all of these big companies -- facebook, twitter, google...\n\n
• #17: - With all of those companies on the previous page who claim to support developers, this should be a non-issue, right?\n
• #18: Sure, there are a few ways around it\n
• #19: Sure, there are a few ways around it\n
• #20: - Just fire up a ssh tunnel\n- Has anyone here used SSH tunnels before?\nDid you know that SSH was released in 1995 and by the end of that year it had over 20,000 users. Not bad growth for one year, right?\n
• #21: Assume you have a local webserver running on port 8080\nIt’s sunday afternoon, you’re at home, and you want to show someone this cool app you’re working on\nMaybe it’s your Grandma\n
• #22: ... and she’s at her house in a different state\nLets also assume that you have a linode or slicehost...\n
• #23: ...some kind server floating around...\n
• #24: ... out there on the internet\nNow, how do we get grandma to see your local webserver?\nUsing some variation of that ugly command I showed earlier, we can create a tunnel from your server to your laptop \n\n
• #25: The first part of the tunnel is an SSH connection that’s made from your laptop out, through your firewall/router to the remote server\nThen the tunnel is created which essentially binds two ports on either side of the ssh connection\n\n
• #26: Thereby sending all traffic from port 80 on the server through the tunnel to port 8080 on your local machine\n\n
• #27: Then all grandma has to do is connect to the remote server in her browser and she’ll see what you see\n\n
• #28: SSH tunnels are easy if you have all of the right ingredients\n\n- Outside of your firewall\n- For ssh\n- ...because you’re probably going to need at root or sudo access to do this\n\nSo if you have all of that, it’s just a simple one-line command\n
• #29: I’m lazy, so the appeal of running my own server and having to run this command every time I want to use an ssh tunnel is not appealing.\n\n
• #30: \n
• #31: Localhost maintains the public server for you \nIt also provides a nice client to hide the ugly tunnel creation stuff\n\n
• #32: \n
• #33: \n
• #34: \n
• #35: \n
• #36: \n
• #37: Localtunnel is awesome, but it has a few issues that make it a pain to use more than occasionally\n\n- First, the hostname is random. It changes every time you connect.\n- Idle timeout\n\n- If you change network connections, restart your server, put your laptop to sleep or do anything else to interrupt that socket connection you’re going to have to restart localtunnel.\n
• #38: Localtunnel is awesome, but it has a few issues that make it a pain to use more than occasionally\n\n- First, the hostname is random. It changes every time you connect.\n- Idle timeout\n\n- If you change network connections, restart your server, put your laptop to sleep or do anything else to interrupt that socket connection you’re going to have to restart localtunnel.\n
• #39: Localtunnel is awesome, but it has a few issues that make it a pain to use more than occasionally\n\n- First, the hostname is random. It changes every time you connect.\n- Idle timeout\n\n- If you change network connections, restart your server, put your laptop to sleep or do anything else to interrupt that socket connection you’re going to have to restart localtunnel.\n
• #40: Localtunnel is awesome, but it has a few issues that make it a pain to use more than occasionally\n\n- First, the hostname is random. It changes every time you connect.\n- Idle timeout\n\n- If you change network connections, restart your server, put your laptop to sleep or do anything else to interrupt that socket connection you’re going to have to restart localtunnel.\n
• #41: Localtunnel is awesome, but it has a few issues that make it a pain to use more than occasionally\n\n- First, the hostname is random. It changes every time you connect.\n- Idle timeout\n\n- If you change network connections, restart your server, put your laptop to sleep or do anything else to interrupt that socket connection you’re going to have to restart localtunnel.\n
• #42: \n
• #43: - There are some alternatives to localtunnel\n- Both showoff io and pagekite allow custom cnames, but as far as I can tell still suffer from the other issues.\n- So, just like many engineers, rather than spending the princely sum of $4 or $5 per month, I decided to solve the solution myself using localtunnel.\n
• #44: Quick side note. This is what you see if you search for ‘cloud tunnel’ \n\nIt’s a type of arcus cloud, called a roll cloud. They’re relatively rare, and appear to be when an incoming cold sea breeze meets the warmer opposing landmass.\n
• #45: The service maintains a record of your localtunnel address and forwards users from a hostname you specify to your current localtunnel\n- Runs on Heroku\n
• #46: The service maintains a record of your localtunnel address and forwards users from a hostname you specify to your current localtunnel\n- Runs on Heroku\n
• #47: Lets take a closer look at what was going on during the demo\nIf we look at the processlist, we’d notice 3 cloud_tunnel processes\nThe monitor is created by the deamon to watch over, start, and stop the primary cloud_tunnel process\n- If you noticed during the first demo, the localtunnel client blocked until it was killed\n
• #48: Lets take a closer look at what was going on during the demo\nIf we look at the processlist, we’d notice 3 cloud_tunnel processes\nThe monitor is created by the deamon to watch over, start, and stop the primary cloud_tunnel process...\n\n
• #49: This so called primary tunnel process handles the creation and maintenance of the localtunnel client connection\n- If you noticed during the first demo, the localtunnel client blocked until it was killed\n- For compatibility, I wanted to re-use the localtunnel client instead of reimplementing it myself\nThis adds a bit of complexity, but with a new version of localtunnel on the horizon it will make forward compatibility easier\n\n
• #50: Finally, this is the localtunnel client which was forked from the primary cloud_tunnel process\n\n
• #51: This is the wrapper class that handles the LocalTunnel client. The meat of it is here...\n
• #52: After creating a new instance of the LocalTunnel client, the tunnel is opened (which blocks), so we detach the process\n
• #53: After creating a new instance of the LocalTunnel client, the tunnel is opened (which blocks), so we detach the process\n
• #54: After creating a new instance of the LocalTunnel client, the tunnel is opened (which blocks), so we detach the process\n
• #55: After creating a new instance of the LocalTunnel client, the tunnel is opened (which blocks), so we detach the process\n
• #56: After creating a new instance of the LocalTunnel client, the tunnel is opened (which blocks), so we detach the process\n
• #57: After creating a new instance of the LocalTunnel client, the tunnel is opened (which blocks), so we detach the process\n
• #58: After creating a new instance of the LocalTunnel client, the tunnel is opened (which blocks), so we detach the process\n
• #59: After creating a new instance of the LocalTunnel client, the tunnel is opened (which blocks), so we detach the process\n
• #60: After creating a new instance of the LocalTunnel client, the tunnel is opened (which blocks), so we detach the process\n
• #61: Process allows better management\nBut we’re kind of using threads. Thread waits on \n
• #62: This is the wrapper class that handles the LocalTunnel client. The meat of it is here...\n
• #63: This is the wrapper class that handles the LocalTunnel client. The meat of it is here...\n
• #64: This is the wrapper class that handles the LocalTunnel client. The meat of it is here...\n
• #65: This is the wrapper class that handles the LocalTunnel client. The meat of it is here...\n
• #66: Now that we detached that process, we have to keep an eye on it.\nThis is a script that starts and maintains that tunnel which and is invoked from the daemon\n
• #67: Now that we detached that process, we have to keep an eye on it.\nThis is a script that starts and maintains that tunnel which and is invoked from the daemon\n
• #68: Now that we detached that process, we have to keep an eye on it.\nThis is a script that starts and maintains that tunnel which and is invoked from the daemon\n
• #69: \n
• #70: \n
• #71: \n
• #72: \n
• #73: \n
• #74: \n
• #75: \n
• #76: \n
• #77: You can find everything I talked about here today on Github. I’d encourage you to give it a try and let me know what you think. Pull requests are welcome.\nQuestions?\n
• #78: \n