Description
Seeking feedback
We are seeking feedback on the Quick Start section (details below) of our project's readme. Our goal here is to learn if people have a good experience when they try out this first example. Does it make sense? How can we improve it to make it more clear?
If you are looking for a way to contribute to Ockam this is a great place to start. If you can record your screen when trying this example that would be extremely helpful. Share with us any thoughts or questions that come to mind as you try this example out. If you feel confused at some point share that. If you have a question at some point share that. Share your inner monologue as you try the below Quick Start section.
How to provide your feedback (create a new issue)
Please create a new issue instead of replying to this one. This way we can give you credit when we close that issue (the one you create). In your issue, please do the following, so it is easy for us to track it as a no-code user experience (UX) feedback contribution:
- Please share any links to videos, or notes in your newly created issue. Please try and upload your videos to github.com.
- Start the title with: “[UX feedback]: ”
The thing we want feedback on
The following content is a copy of what you will find in our README.md. We just copied it below for your convenience.
Quick Start
Let's build a solution for a very common secure communication topology that applies to many real world use cases. We'll build our first example using Ockam Command but it is just as easy to build end-to-end trustful communication using Ockam Programming Libraries
An application service and an application client running in two private networks wish to securely communicate with each other without exposing ports on the Internet. In a few simple commands, we’ll make them safely talk to each other through an End-to-End Encrypted Cloud Relay.
Install Ockam Command
On Linux and MacOS systems you can install Ockam using curl.
curl --proto '=https' --tlsv1.2 -sSfL https://install.command.ockam.io | bashEnd-to-end encrypted and mutually authenticated communication
Next, step through the following commands to setup secure and private
communication between an application service and an application client.
Read all the comments above and the messages printed when the commands are running to try and understand what is happening:
# Check that everything was installed correctly by enrolling with Ockam Orchestrator.
#
# This will create a Space and Project for you in Ockam Orchestrator and provision an
# End-to-End Encrypted Cloud Relay service in your `default` project at `/project/default`.
ockam enroll
# -- APPLICATION SERVICE --
# Start an application service, listening on a local IP and port, that clients would access
# through the cloud encrypted relay. We'll use a simple HTTP server for this first example
# but this could be any other application service.
python3 -m http.server --bind 127.0.0.1 6000
# In a new terminal window, setup a tcp-outlet that makes a TCP service available at the given
# address `6000`. We can use this to send raw TCP traffic to the HTTP server on port `6000`.
# Finally create a relay in your default Orchestrator project. Relays make it possible to
# establish end-to-end protocols with services operating in a remote private networks, without
# requiring a remote service to expose listening ports to an outside hostile network like the
# Internet.
ockam tcp-outlet create --to 6000
ockam relay create
# -- APPLICATION CLIENT --
# If you are running this on a completely separate machine, run ockam enroll again.
# If its the same machine no need to run ockam enroll again
ockam enroll
# Setup a a local tcp-inlet to allow raw TCP traffic to be received on port `7000` before
# it is forwarded. A TCP inlet is a way of defining where a node should be listening for
# connections, and where it should forward that traffic to.
ockam tcp-inlet create --from 7000
# Access the application service, that may be in a remote private network though
# the end-to-end encrypted secure channel, via your private and encrypted cloud relay.
curl --head 127.0.0.1:7000
# -- RESET --
# Reset everything on each machine
ockam resetWhat did you think? Did it makes sense? How could the quickstart be better?
Thank you for your thoughts and feedback.
We love helping new contributors! ❤️
If you have questions or need help as you explore, please join us on Discord. If you're looking for other issues to contribute to, please checkout our good first issues.
Activity