Create a way to test an app's proxy support and egress policies locally

[russellhaering]

In thinking through what someone would want out of a local enclave simulator, I think the main things that could give people trouble are:

1. Configuring their app to use the odyn proxy
2. Tailoring a policy for their app

There are a few more like testing KMS integration that aren't easy to simulate locally, but these actually are. One approach might be:

1. Add a flag to Odyn that causes it to run in "simulator" mode, where it just forwards traffic directly out to the internet instead of over a vsock (or, forward traffic to the "outside-the-enclave" half of the proxy over TCP instead of vsock), but still enforces policy
2. Create a CLI command which would build a container almost like the one which would be converted to an EIF, but with the Odyn "simulator" flag set - then just run that container.

[robszumski]

Agreed, I like the simulator container approach. It allows you to touch most of the Enclaver bits that you'd want to test if you're running it for the first time or if you're tweaking your policy.