Sockfwd a data forwarding gadget

Recently in to see containerd Code for , When I tried it, I found that it was listening to unix socket, No external access containerd.

What I want to verify is whether I can access... From the remote containerd、 management containerd The container of , So you need a remote access unix socket Tools for .

I searched the Internet , There is no ready-made implementation , I wrote it myself sockfwd.

usage

Usage:
  sockfwd [flags]

Flags:
  -d, --destination string    Destination address , That is, the address to forward to 
  -s, --source string         source address , That is, the address to receive the request 
  -q, --quiet                 silent mode 

Example

Local containerd The instance is exposed to the network ：

./sockfwd -s tcp://127.0.0.1:8090 -d unix:///var/run/containerd.sock

Local 127.0.0.1:8080 Port exposed to 0.0.0.0:8090 On port ：

./sockfwd -s tcp://127.0.0.1:8090 -d unix://127.0.0.1:8090

Expose local services to the network , Special attention should be paid to whether there are potential safety hazards ！

Other thoughts

I've been writing about golang, It is found that if it is only dealing with the data surface ,golang Provided goroute add channel Can handle data forwarding very gracefully , For example, this article is written sockfwd.

But if it involves control , For example, complex state management , Information across threads /goroute Sync , that channel Your abstract ability is still not enough , A lot of extra code needs to be written .

The follow-up plan

You can add support tls Authentication to forward data more securely .