thaloco/banger
1
Fork 0
Code Pull requests Releases Packages Activity Actions

Add vsock-backed VM port inspection

Browse source 
Let the host ask the guest vsock agent to run ss so open ports can be surfaced without SSHing in manually.

Add a narrow /ports agent endpoint, a daemon vm.ports RPC that enriches listeners with <hostname>.vm endpoints and best-effort HTTP links, and a concurrent 'banger vm ports' CLI table for one or more VMs.

Update the guest package contract to include ss for rebuilt Debian images, allow the guest agent package in the shell-out policy, and cover the new parsing/RPC/CLI flow in tests.

Verified with GOCACHE=/tmp/banger-gocache go test ./... outside the sandbox, make build, bash -n customize.sh make-rootfs-void.sh verify.sh, and ./banger vm ports --help.
This commit is contained in:
Thales Maciel 2026-03-19 15:52:11 -03:00
parent 3ed78fdcfc
commit c298ed2fc1
No known key found for this signature in database
GPG key ID: 33112E6833C34679
11 changed files with 1029 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

15
README.md
View file

@ -110,6 +110,11 @@ banger vm ssh calm-otter
When the SSH session exits normally, `banger` checks the guest over vsock and
reminds you if the VM is still running.
Inspect host-reachable listening ports for one or more running VMs:
```bash
banger vm ports calm-otter buildbox
```
Stop, restart, kill, or delete it:
```bash
banger vm stop calm-otter
@ -246,6 +251,13 @@ for daemon-managed VMs. Known `A` records resolve `<vm-name>.vm` to the VM's
guest IPv4 address. Integrate your local resolver separately if you want
transparent `.vm` lookups on the host.
`banger vm ports` asks the guest-side `banger-vsock-agent` to run `ss`, then
prints host-usable `<hostname>.vm:port` endpoints plus the owning
process/command. TCP listeners get a short best-effort HTTP probe; when the
probe sees a real HTTP response, the command includes a clickable
`http://<hostname>.vm:port/` URL. Older images without `ss` may need rebuilding
before `vm ports` works.
## Storage Model
- VMs share a read-only base rootfs image.
- Each VM gets its own sparse writable system overlay for `/`.
@ -270,7 +282,8 @@ shell helpers treated as manual workflows rather than architecture drivers.
- Stopping a VM preserves its overlay and work disk.
## Rebuilding The Repo Default Rootfs
`packages.apt` controls the base apt packages baked into rebuilt images.
`packages.apt` controls the base apt packages baked into rebuilt images,
including guest tools such as `ss` used by `banger vm ports`.
To rebuild the source-checkout default image in `./runtime/rootfs-docker.ext4`:
```bash