Library based ssh #1209
Library based ssh #1209
Conversation
kubevirt-bot
added
the
dco-signoff: yes
|
Hi @aerosouund. Thanks for your PR. PRs from untrusted users cannot be marked as trusted with I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
aerosouund
force-pushed
the
library-based-ssh
branch
2 times, most recently
from
c99528b to
b5ea285
Compare
| if err != nil { | ||
| return "", fmt.Errorf("Error creating forwarded ssh connection: %s", err) | ||
| } | ||
| jumpHost := ssh.NewClient(ncc, chans, reqs) |
There was a problem hiding this comment.
In general I'd prefer if you moved all this init and config part into a separate function that gets executed once per SSHClient instantiation, I'd expect that you establish the SSH connection once and keep it alive for the lifetime of the SSHClient struct.
In practice I'd have modify the interface to have a Command() function, this way you'd establish the connection once when you instantiate the ssh client and then Command() would just sent commands using the open ssh session and a Close() function that closes the socket. This way you have 1 socket per connection instead of 1 per command.
That said, this is an optimization, take it a as follow-up work.
There was a problem hiding this comment.
Acknowledged. i think its a good idea as well
we can implement it in a follow up PR
aerosouund
force-pushed
the
library-based-ssh
branch
from
b5ea285 to
8c487c9
Compare
aerosouund
force-pushed
the
library-based-ssh
branch
from
8c487c9 to
6add7e6
Compare
aerosouund
force-pushed
the
library-based-ssh
branch
from
6add7e6 to
8d12b8d
Compare
| @@ -0,0 +1,29 @@ | |||
| package utils | |||
There was a problem hiding this comment.
dbfa492 commit message. The part about using struct and what it takes seems redundant. A more interesting part would be to see why we need this package. Something general/summary as below:
Example:
Introduce SSH package
The package provides simple interface for SSH to specific node and implementation of this interface.
The implementation is based on std ssh package and we use the SSH port exposed on master node.
Jump is used to SSH to other nodes.
| @@ -3,7 +3,6 @@ package cmd | |||
| import ( | |||
| "bufio" | |||
| "bytes" | |||
| "errors" | |||
There was a problem hiding this comment.
Please adjust commit messages to something like https://www.conventionalcommits.org/en/v1.0.0/
aerosouund
force-pushed
the
library-based-ssh
branch
3 times, most recently
from
cb7fecc to
8a3bd30
Compare
Signed-off-by: aerosouund <[email protected]>
aerosouund
force-pushed
the
library-based-ssh
branch
from
8a3bd30 to
101007b
Compare
cluster-provision/gocli/cmd/run.go
Outdated
|
|
||
| if !success { | ||
| return fmt.Errorf("provisioning node %s failed", nodeName) | ||
| if x+1 == 1 { |
There was a problem hiding this comment.
This is change of logic, you should preserve the logic and change this in next commit. I think this is fine nevertheless, @brianmcarey wdyt?
| } | ||
|
|
||
| // move the scripts to the same location they were in in the nodecontainer to enable command abstraction | ||
| for _, cmd := range []string{"sudo mkdir /scripts", "sudo cp -r /home/vagrant/scripts/* /scripts"} { |
There was a problem hiding this comment.
Why can't we do this in previous command?
There was a problem hiding this comment.
you mean sudo mkdir /scripts && sudo cp -r /home/vagrant/scripts/* /scripts ?
There was a problem hiding this comment.
I mean the previous command (scp) -r /scripts [email protected]%d:/home/vagrant/scripts moves the scripts to the VM and here we move them within the VM. Why can't we set the location right with the scp?
There was a problem hiding this comment.
@xpivarc
Because editing the root directory requires sudo privileges and the root user does not have an ssh key so you cant scp as him
There was a problem hiding this comment.
Ah make sense, I'll have one more pass
aerosouund
force-pushed
the
library-based-ssh
branch
from
101007b to
4db5c1f
Compare
|
@dhiller @brianmcarey Can you help me merge this one (missing approver right on this repo :) ) |
aerosouund
force-pushed
the
library-based-ssh
branch
from
4db5c1f to
f1cf73c
Compare
|
/cc |
Keep ssh in a single place by leveraging the adapter and passing it as a param for functions that did docker exec themselves; prepareDeviceForAssignment and prepareEtcdDataMount. Replace the logic for checking if there's a special provision script for a node to running the script for node01 at index 1 Signed-off-by: aerosouund <[email protected]>
aerosouund
force-pushed
the
library-based-ssh
branch
from
8a8315a to
bb55f9c
Compare
The config package introduces holder structs that contain the params for a node and the k8s optional deployments on a kubevirt provider. To pass this config directly to other methods without having to pass every parameter to the functions that run the node or k8s options Signed-off-by: aerosouund <[email protected]>
Package the logic of node launching and configuring its linux system into provisionNode and running the optional k8s deployments into provisionK8sOptions. Both functions take as a parameter an ssh client and a struct that represents a holder to their config from the config package Signed-off-by: aerosouund <[email protected]>
Introduce a testing package based on mock that tests the provisionNode and provisionK8sOptions methods and include the logic to run this package in the main test suite of the cmd package Signed-off-by: aerosouund <[email protected]>
Use an implementation based on ssh'ing directly to nodes rather than through their node container. Move the scripts directory on the node during provisioning and remove it after finishing Signed-off-by: aerosouund <[email protected]>
aerosouund
force-pushed
the
library-based-ssh
branch
from
bb55f9c to
1c993f7
Compare
|
/test check-provision-k8s-1.28 |
|
/test check-provision-k8s-1.30 |
|
/lgtm |
|
/test ? |
|
@brianmcarey: The following commands are available to trigger required jobs:
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/test check-gocli |
|
@aerosouund: The following test failed, say
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: brianmcarey, dhiller The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
kubevirt-bot
added
the
approved
|
/override check-provision-alpine-with-test-tooling Not related to these changes. |
|
@brianmcarey: Overrode contexts on behalf of brianmcarey: check-provision-alpine-with-test-tooling In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
[a087e7e Automatic bump of CentOS Stream to latest](kubevirt/kubevirtci#1219) [83e15cc alpine,image: Use full image name for qemu-user-static image](kubevirt/kubevirtci#1218) [aa7d876 Library based ssh](kubevirt/kubevirtci#1209) [c43f010 fix missing whitespace](kubevirt/kubevirtci#1216) [9bb50bf enable vm-image-builder for s390x.](kubevirt/kubevirtci#1207) ```release-note NONE ``` Signed-off-by: kubevirt-bot <[email protected]>
| cmds := []string{ | ||
| fmt.Sprintf("mkdir -p %s", etcdDataDir), | ||
| fmt.Sprintf("test -d %s", etcdDataDir), | ||
| fmt.Sprintf("mount -t tmpfs -o size=%s tmpfs %s", mountSize, etcdDataDir), |
There was a problem hiding this comment.
@aerosouund This needs to run with sudo, see failure in kubevirt/kubevirt#12310
[f3a5054 fix: Run etcd commads with sudo](kubevirt/kubevirtci#1223) [a087e7e Automatic bump of CentOS Stream to latest](kubevirt/kubevirtci#1219) [83e15cc alpine,image: Use full image name for qemu-user-static image](kubevirt/kubevirtci#1218) [aa7d876 Library based ssh](kubevirt/kubevirtci#1209) [c43f010 fix missing whitespace](kubevirt/kubevirtci#1216) [9bb50bf enable vm-image-builder for s390x.](kubevirt/kubevirtci#1207) ```release-note NONE ``` Signed-off-by: kubevirt-bot <[email protected]>
What this PR does / why we need it:
Replaces ssh.sh in run.go with golang library based ssh that goes directly to the node rather than the node container as a middle man
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #
Special notes for your reviewer:
Checklist
Release note: