[draft] [rfc] VM labs via http & ssh

[Skarlett]

Purpose:

Users may conduct demonstrations, test deployments, experiment, jailed execution, game servers, emulate instruction sets,

Objectives

• ideally, we'd like each VM to have the ability to talk to eachother over a private network.
• VMs should persist for a set amount of time, and then clean up after themselves.

VM Termination

Causes of termination will be:

• nested cpu virtualization
• exhaustive resource usage
• using vms as proxies or tunnels
• grey/malicious activities such as blacklisted domains, spamming, untargeted port scanning, untargeted webcrawls, or otherwise deemed inappropriate from an administer

User story

A terminal session will be available by request of the operator by invoking:
(Fig A)

@botname lab <OS>?@<version>

Fig A.

Accepted

A direct message will be sent to the operator, with the prompt:

Lab VM <identity> started:
  webshell (administrator): https://<domain>/<feature-name>/<identity>/auth
  webshell         (share): https://<domain>/<feature-name>/<identity>/auth?u=<auth-session>
       ssh (administrator): <identity>@<domain>
  tls-dhe-aes-256-gcm-sha256, <more ciphers>
                          .., ...

The VM will be placed in a private network, and will be unable to access other people's VMs unless explicitly agreed upon between both operators.

Though the box doesn't allow ingress traffic, you may ask Coggiebot to open ports on your behalf.
An example of invoking the procedure:

@botname lab <id> --open-port 4489

The purposal for the backend implementation would consist of kubernetes, a vpn, and a bastion host. Each node in the private cluster would consist of primary