Networking prerequisites for sandbox special events endpoint

[0div]

• introduce consts.go file in orchestrator and add the sandbox event IP
• set event server addfress via SANDBOX_EVENT_IP env var and passed via MMDS to the sbx
• add post-routing rule to catch requests to events domain

[linear]

E2B-2961 Setup networking in sandbox for events endpoint

[sitole]

Let’s name it something more general, like hyperloop or something, to allow re-use for different stuff than just events. Using events.e2b.dev is okay, as it’s a customer-facing feature.

Let’s add a simple HTTP server listener to the orchestrator listening on a port and serving, for example, the sandbox ID back. Then, let's do integration tests for that, so we know it works and will continue to work in the future.

[sitole]

Let’s name it something more general, like hyperloop or something, to allow re-use for different stuff than just events. Using events.e2b.dev is okay, as it’s a customer-facing feature.

Let’s add a simple HTTP server listener to the orchestrator listening on a port and serving, for example, the sandbox ID back. Then, let's do integration tests for that, so we know it works and will continue to work in the future.

@0div can you please respond/resolve comments in the previous review before we do another round?

The point of having that larger PR that you wanted broken down was to be able to run tests like this. With only networking setup in this one, i don't feel like adding this temporary server to ping back here and then later merging against that with different server setup will do us a service.

[sitole]

@0div can you please re-check the comments I did previously?

1. I explicitly mentioned we should rename stuff to something more general than "events server" (Networking prerequisites for sandbox special events endpoint #1107 (review)) and mentioned that the only thing that should stay "event" is the domain, as it's a customer-facing thing. As far as only change related to that is renaming of the domain (502bd02), leaving everything else still polluted with "event" naming
2. What IP address will be used is resolved internally, so just please close the review request (Networking prerequisites for sandbox special events endpoint #1107 (comment)) and ideally add final resolutions that we agreed on.

[0div]

@0div can you please re-check the comments I did previously?

1. I explicitly mentioned we should rename stuff to something more general than "events server" (Networking prerequisites for sandbox special events endpoint #1107 (review)) and mentioned that the only thing that should stay "event" is the domain, as it's a customer-facing thing. As far as only change related to that is renaming of the domain (502bd02), leaving everything else still polluted with "event" naming

The "it" in "let's name it" wasn't clear to me, followed by "Using events.e2b.dev is okay", which could have been interpreted as "it's ok if we don't decide to rename it". Communication broke down at that point, we can do better, myself included.

2. What IP address will be used is resolved internally, so just please close the review request (Networking prerequisites for sandbox special events endpoint #1107 (comment)) and ideally add final resolutions that we agreed on.

👍

[cursor]

Bug: Terraform Configuration Lost in Makefile

Critical Terraform configuration, including the TF variable, TERRAFORM_STATE_BUCKET, tfvar function, and over 50 lines of tf_vars definitions, was accidentally deleted from the Makefile. This deletion is unrelated to the PR's networking changes and will break all Terraform deployments.

Makefile#L4-L70

infra/Makefile

Lines 4 to 70 in 09419a8

	-include ${ENV_FILE}
	# Login for Packer and Docker (uses gcloud user creds)
	# Login for Terraform (uses application default creds)
	.PHONY: login-gcloud
	login-gcloud:
	gcloud --quiet auth login
	gcloud config set project "$(GCP_PROJECT_ID)"
	gcloud --quiet auth configure-docker "$(GCP_REGION)-docker.pkg.dev"
	gcloud --quiet auth application-default login
	.PHONY: init
	init:
	./scripts/confirm.sh $(TERRAFORM_ENVIRONMENT)
	$(MAKE) -C iac/provider-gcp init
	# Setup production environment variables, this is used only for E2B.dev production
	# Uses Infisical CLI to read secrets from Infisical Vault
	# To update them, use the Infisical UI directly
	# On a first use, you need to run `infisical login` and `infisical init`
	.PHONY: download-prod-env
	download-prod-env:
	@ ./scripts/download-prod-env.sh ${ENV}
	.PHONY: plan
	plan:
	$(MAKE) -C iac/provider-gcp plan
	# Deploy all jobs in Nomad
	.PHONY: plan-only-jobs
	plan-only-jobs:
	$(MAKE) -C iac/provider-gcp plan-only-jobs
	# Deploy a specific job name in Nomad
	# When job name is specified, all '-' are replaced with '_' in the job name
	.PHONY: plan-only-jobs/%
	plan-only-jobs/%:
	$(MAKE) -C iac/provider-gcp plan-only-jobs/$(subst -,_,$(notdir $@))
	.PHONY: plan-without-jobs
	plan-without-jobs:
	$(MAKE) -C iac/provider-gcp plan-without-jobs
	.PHONY: apply
	apply:
	./scripts/confirm.sh $(TERRAFORM_ENVIRONMENT)
	$(MAKE) -C iac/provider-gcp apply
	# Shortcut to importing resources into Terraform state (e.g. after creating resources manually or switching between different branches for the same environment)
	.PHONY: import
	import:
	./scripts/confirm.sh $(TERRAFORM_ENVIRONMENT)
	$(MAKE) -C iac/provider-gcp import
	.PHONY: version
	version:
	./scripts/increment-version.sh
	.PHONY: build
	build/%:
	$(MAKE) -C packages/$(notdir $@) build
	.PHONY: build-and-upload
	build-and-upload:build-and-upload/api
	build-and-upload:build-and-upload/client-proxy
	build-and-upload:build-and-upload/docker-reverse-proxy
	build-and-upload:build-and-upload/clean-nfs-cache

 

---