gvisor-tap-vsock icon indicating copy to clipboard operation
gvisor-tap-vsock copied to clipboard

Published 20 hours ago verified publisher icon containers

Is there a way to check if the ssh is open for business ?

Open afbjorklund opened this issue 4 years ago • 7 comments

Trying to dial the tunnel port, but it seems to be throwing errors and die ?

tcpproxy: for incoming conn [::1]50054, error dialing "192.168.127.2:22": connect tcp 192.168.127.2:22: connection was refused
tcpproxy: for incoming conn [::1]50053, error dialing "192.168.127.2:22": connect tcp 192.168.127.2:22: connection was refused
Error: exit status 255

I could hardcode the VM IP, just hoping that there was a better way to test.

afbjorklund avatar Sep 11 '21 10:09 afbjorklund

You can think about the port forwarder like a nginx reverse proxy and the VM like a http backend. The reverse proxy doesn't know the state of the backend without using it. This is why you get Bad Gateway and not connection refused when the backend is down.

The port on gvproxy is always opened and does its best. But if the ssh service of the VM is not ready, it can't do much.

guillaumerose avatar Sep 13 '21 07:09 guillaumerose

But is there a way to "know" the IP address of the VM, so that one can check if port 22 is responding yet ?

Or should we just issue ssh commands in a loop until it responds, like how it was done in podman-machine ?

Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with boot2podman...

afbjorklund avatar Sep 13 '21 10:09 afbjorklund

Yes! You can know 2 things:

Which MAC addresses are connected to the switch with:

$ curl http://127.0.0.1:7777/cam | jq .   
{
  "5a:94:ef:e4:0c:ee": 0
}

5a:94:ef:e4:0c:ee is connected on the first port (0 is the index of the first connection).

Ask the DHCP to know which IP is attributed to which MAC address.

$ curl http://127.0.0.1:7777/leases | jq .
{
  "192.168.127.1": "5a:94:ef:e4:0c:dd",
  "192.168.127.2": "5a:94:ef:e4:0c:ee"
}

These 2 IP are handled by static lease defined in the code directly.

guillaumerose avatar Sep 13 '21 15:09 guillaumerose

Originally I was just hoping to be able to call SSH without getting an error 😀

But glad to hear that there is a way out, maybe it will improve in the future...

afbjorklund avatar Sep 13 '21 16:09 afbjorklund

@guillaumerose : so you might add a function, where one can query the (hard-coded) MAC address for the IP ?

        // Right now the mac address is hardcoded so that the host networking gives it a specific IP address.

afbjorklund avatar Sep 13 '21 17:09 afbjorklund

Originally I was just hoping to be able to call SSH without getting an error 😀

Yeah no good solution sorry :/

where one can query the (hard-coded) MAC address for the IP ?

This API endpoint already exists. /leases, /cam, etc. As long as the VM uses DHCP, it will show in DHCP leases (/leases). Otherwise, you will only get the MAC address in the CAM table of the switch (/cam).

guillaumerose avatar Sep 14 '21 13:09 guillaumerose

Silly me, no use for the IP address since the network isn't reachable anyway. That's what the proxy / tunnel is for...

afbjorklund avatar Sep 14 '21 16:09 afbjorklund