Lando sharing service

[pirog]

lando/lando#1675

Holodroid Infrastructure

• Define Istio installation config & install
• Research a TLS strategy with a wildcard certificate for dynamic subdomains
• Install Prometheus, Grafana, Alert Manager, Jaeger, Kiali
• Rebuild cluster to use N2 standard nodes

Holodroid API

Project: https://github.com/thinktandem/holodroid

• API: POST /api/sessions for session request
• Email: Build & style validation email
• API: GET /api/sessions/{id}/activate
• API: GET /api/sessions/{id}
• API: DELETE /api/sessions/{id}
• UI: /sessions/{id}
• UI: /sessions/{id}/activate
• Refactor from port based endpoints to subdomain based endpoints
• Refactor functional tests
• Build a command to expire and close orphaned sessions
• Define a dockerfile for app deployment
• Work out a CD strategy for theh app
• Build a front-end for proxy sessions to be initiated outside of Lando
• Define a TOS so limits and intended use is clear
• Allow users to add IP whitelist to proxy request if possible using AuthorizationPolicy

Holodroid Tunnel

project: https://github.com/thinktandem/holodroid-tunnel

• Research and identify option for the tunnel server/client
• Finalize the Holodroid Docker image

Lando

• Refactor share command to use Holodroid
• Consider/implement a way for users to accept TOS
• Document usage of share

Phase 2

• Build out a Users API and Oauth2 service
• Refactor Holodroid API to bypass validation when valid Oauth tokens are present
• Add support for basic auth (Istio may support in a few months. Github Issue)

[pirog]

@mikemilano we need to organize the following notes, possibly by refactoring the issue description or closing this ticket in favor of a new one. Please do whatever is most helpful to you.

We came to a few decision points:

1. Branding

We should be branding through holodroid.io and treat Lando as an "enterprise customer". I think using lando.holodroid.io makes sense. This means we dont need to do anything special around HTTP/HTTPS handling because of using lando.dev

2. Design

We will to do a basic redesign of holodroid.io but this page should

1. How to use the service
2. pricing/plans
3. some way to subscribe (eg stripe)
4. A callout that this product is made by the Lando team and/or listing lando in a "trusted by" sort of callout

@mikemilano im happy to do the design part of this

3. Stripe billing

We should use stripe to allow people to subscribe to the service. We also should use stripe, for now, to validate subscribers are allowed to access the service. This may mean we can do a more straightforward authentication method than the current "check your email" version. This means that there will be no free version of the service, however, we may still want to give a first month free or something.

We are also no longer going to give this out for free to our lando sponsors. However we will want to give them some sort of coupon code based discount: either X months for free or a % off the subscription. former would be ideal if it does not require additional engineering.

4. Action items

1. • @reynoldsalec and i need to do business research still, @reynoldsalec could you spin up a card for that? the most pressing thing there is to figure out the pricing.
2. • We need to figure out when we are going to do this work, im guessing after we do the platform drupalcon preso we can pull back on the burn there and add some hours for this. it would be great to dedicate a full week to this to get it over the threshold
3. • We need to spin up a card to integrate this into lando, right now we are thinking some sort of on demand download of the needed binary while the user is authenticating