New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add SSH jump host support #1283
Conversation
2ced90d
to
0fa4fcc
Compare
d2c8fa6
to
ce9c1c1
Compare
2910ba4
to
187fecb
Compare
Rebased on master since #1270 was merged. |
7e6c2de
to
ff180f4
Compare
nixops/backends/none.py
Outdated
# TODO: Use a better method that works with bastion hosts | ||
res.is_up = nixops.util.ping_tcp_port(self.target_host, self.ssh_port) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we're guaranteed to have a working SSH, so let's just use the same "ssh and run true
" strategy as in other places. @aanderse mentioned some backends might not need to use SSH, but that is a big enough thing to be a whole feature request and "epic".
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great, with just a few comments. Let's work on getting those dots back together? I think the UI feedback is important. Sometimes it can take like 30min for it to finish, and wow it is scary enough with the dots showing nixops isn't dead.
Since we're opting to go for more of a user-supplied "use sshOptions to do it", we'll need to bolster this use case by writing a user's guide on how to deploy with a jump host. |
ea2cbbe
to
5f235f3
Compare
…r host liveness This is in preparation for bastion (jump host) support where this method would only check that the bastion is up and not the actual host on the other end.
5f235f3
to
362d049
Compare
This work is based on #1270 because they touch a lot of the same code.
Additionally as a requisite for this work I have changed the "TCP ping" to actually log in to the remote host and run a command instead of just checking the TCP port availability.
Closes #1150
Closes #784