Container Labs

Four playground labs provision real LXC containers on the lab engine at 10.42.0.210:8094 and connect users via TerminalEmbed (xterm.js). All four follow the same lifecycle: the LabLauncher provisions a container on the isolated vmbr99 network (10.99.0.1/24), then TerminalEmbed opens a WebSocket to provide a live shell. Containers auto-destroy after 60 minutes.

Shared Components

TerminalEmbed

src/components/labs/TerminalEmbed.astro wraps xterm.js with an Arcturus-Prime-themed terminal. It accepts sessionId and containerId props (0-indexed for multi-container labs like networking). The TerminalConnection class initializes xterm.js with a dark theme (background #0a0e17, JetBrains Mono 14px), FitAddon for responsive sizing, and WebLinksAddon for clickable URLs.

Connection flow: build WebSocket URL via labWebSocketUrl(sessionId, containerId) (production: wss://labs.Arcturus-Prime.com/ws/terminal/{sessionId}, dev: Vite proxy), forward keystrokes over the WebSocket, write incoming data to xterm.js, and send resize events as JSON { type: 'resize', cols, rows }. Auto-reconnect uses exponential backoff (2s base, max 5 attempts, resets after 10s stable connection).

SessionBar

src/components/labs/SessionBar.astro activates on lab-ready. Displays session ID, countdown timer, CPU/memory bars (polled every 10s), +15m extend button, and End Lab button.

ChallengeTracker

All four container labs include a ChallengeTracker panel with tiered exercises. Each task can have expandable step-by-step instructions, a copyable command (click to copy), a hint, and expected output. Progress persists in localStorage.

Lab Pages

Container Lab (`/playground/containers`)

Route: src/pages/playground/containers.astro Template IDs: linux-fundamentals, container-workshop, networking-lab, iac-playground

The container lab is the most general-purpose lab. It defines four selectable templates:

Template	Description	Difficulty
Linux Sandbox	Alpine Linux with bash, vim, curl	Beginner
Container Workshop	Docker-in-container environment	Intermediate
Networking Lab	3 interconnected containers	Intermediate
IaC Playground	Ansible + target container	Advanced

All templates provision a single LXC container (except Networking Lab, which provisions three). Challenges start with environment exploration (check OS release, view disk space, list processes) and progress through package management, file system navigation, and resource monitoring.

Terminal Lab (`/playground/terminal`)

Route: src/pages/playground/terminal.astro Template ID: terminal-sandbox

The terminal lab focuses on command-line proficiency. It provisions a single Alpine Linux container with pre-installed tools and provides challenges organized by difficulty tier:

Beginner: File system navigation, basic commands (ls, cat, pwd, whoami)
Intermediate: Process management, text processing (grep, awk, sed), file permissions
Advanced: Shell scripting, network utilities (ip, ss, curl), package management
Expert: Performance profiling, custom scripts, complex pipelines

The lab imports LabLauncher, TerminalEmbed, SessionBar, and ChallengeTracker. Users see the launcher first, click Launch, and once provisioning completes the terminal appears with the challenge tracker alongside.

Networking Lab (`/playground/networking`)

Route: src/pages/playground/networking.astro Template ID: networking-lab

This lab provisions three interconnected LXC containers on a private bridge network to practice networking concepts. Each container gets its own TerminalEmbed instance (using containerId 0, 1, and 2), displayed side by side or tabbed depending on viewport width.

Challenges cover:

Beginner: Identify IP addresses with ip addr, ping between containers, check hostname
Intermediate: Configure static routes, explore DNS resolution, inspect ARP tables
Advanced: Set up firewall rules with iptables, configure NAT, debug connectivity with tcpdump
Expert: Build a routing topology, implement packet filtering policies, trace packets across the 3-node topology

The lab engine assigns IPs from the 10.99.0.0/24 lab network and sets up the bridge so containers can communicate.

IaC Lab (`/playground/iac`)

Route: src/pages/playground/iac.astro Template ID: iac-playground

The Infrastructure as Code lab provisions two containers: a control node with Ansible pre-installed and a target node to configure. The control node has an SSH key pre-distributed to the target for passwordless access.

The lab uses both LabLauncher and TerminalEmbed, with ChallengeTracker and DocumentationPanel for guided learning. Challenges include:

Beginner: Run ad-hoc Ansible commands, check connectivity with ansible -m ping
Intermediate: Write and execute playbooks, manage packages, configure services
Advanced: Use roles, templates, and handlers; deploy multi-step configurations
Expert: Implement idempotent playbooks with error handling, use Ansible Vault for secrets

The DocumentationPanel provides collapsible reference material alongside the challenge tracker.

Container Lifecycle

All container labs follow the same backend lifecycle:

POST /api/labs/create { template_id: "..." }
  → Lab engine clones Alpine LXC template on Proxmox Izar-Host
  → Assigns IP from 10.99.0.0/24 on vmbr99
  → Installs tools based on template (networking tools, Ansible, etc.)
  → Returns session_id, session_token, expires_at, container_ips

Session active (up to 60 minutes):
  → WebSocket terminal access via /ws/terminal/{sessionId}
  → Resource polling via GET /api/labs/{sessionId}
  → Extend via POST /api/labs/{sessionId}/extend (+15 min)

Session end:
  → DELETE /api/labs/{sessionId} (explicit)
  → OR: timer expiration (SessionBar auto-destroys)
  → OR: tab close (beforeunload handler)
  → Lab engine destroys LXC container, releases IP

If the lab engine is unreachable at any point (health check fails, provisioning errors), the LabLauncher falls back to simulation mode with a client-side terminal sandbox. A banner indicates simulation mode and offers a retry button.