The proxy also supports a peer-to-peer (P2P) mode, which enables
two Hyper servers to establish a secure connection through the
proxy.
Connection Brokering
The brokering process for a P2P connection is as follows:
Hyper server A wants to connect to Hyper server B.
A recognizes through the directory entry of B that it can only
be reached through proxy P.
A sends a connectionRequest message to P over the
Hyper system, specifying B's gRPC server channel as the
recipient.
P creates a token and send a message to B over the Hyper
system, forwarding A's request and specifying a proxy endpoint to
connect to.
B receives the message and forwards it to the appropriate
channel, which handles it and connects to P's endpoint, sending the
token as the routing key.
P receives the connection from B and stores it.
P returns a confirmation to A containing the token and same
endpoint.
A connects to P's endpoint and also sends the token.
P accepts A's connection, retrieves B's matching connection and
proxies traffic between them.
Testing
To set up a test infrastructure, simply run (in different
shells):
# run the service directorySD_SETTINGS=settings/dev/roles/sd-1sdrun
# run the public proxyPROXY_SETTINGS=settings/dev/roles/public-proxy-1proxyrunpublic
# run all Hyper serversHYPER_SETTINGS=settings/dev/roles/hd-1hyperserverrun
HYPER_SETTINGS=settings/dev/roles/hd-2hyperserverrun
HYPER_SETTINGS=settings/dev/roles/public-proxy-hyper-1hyperserverrun
Make sure you run make sd-setup to update the
service directory with the necessary entries. Then you should be
able to request a ping from the HD-2 server through the proxy via
the HD-1 JSON-RPC server:
Peer To Peer (P2P) Proxy
The proxy also supports a peer-to-peer (P2P) mode, which enables two Hyper servers to establish a secure connection through the proxy.
Connection Brokering
The brokering process for a P2P connection is as follows:
connectionRequest
message to P over the Hyper system, specifying B's gRPC server channel as the recipient.Testing
To set up a test infrastructure, simply run (in different shells):
Make sure you run
make sd-setup
to update the service directory with the necessary entries. Then you should be able to request a ping from the HD-2 server through the proxy via the HD-1 JSON-RPC server: