> On April 18, 2018, 9:57 p.m., Santhosh Kumar Shanmugham wrote: > > Have you considered this approach? > > https://www.g-loaded.eu/2006/11/24/auto-closing-ssh-tunnels/
Hi Santhosh-- thanks for the link, I hadn't looked at that before. Unfortunately, I don't believe that will work for us. As far as I can tell from that doc, we would need to connect to the tunnel within a fixed amount of time, and then when that connection goes away, the tunnel is shut down. In our case, the dependent services make HTTP calls to the remote service over the tunnel, so we want the tunnel to stick around after the first HTTP call completes so that the dependent service can make subsequent HTTP calls. We might stop and restart the dependent service running locally (because we're actively developing on it) so we can't guarantee that the dependent service will continue to make requests at any particular rate, either. - Sameer ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/66697/#review201471 ----------------------------------------------------------- On April 18, 2018, 9:54 p.m., Sameer Brenn wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/66697/ > ----------------------------------------------------------- > > (Updated April 18, 2018, 9:54 p.m.) > > > Review request for Aurora, Joshua Cohen and Zameer Manji. > > > Repository: aurora > > > Description > ------- > > My team has some scripts to start devel shards which create tunnels: > > ``` > aurora task ssh -L 8002:http --ssh-options "-f -N" > "$DC/$USER/devel/proxyapp/0" > aurora task ssh -L 9002:health --ssh-options "-f -N" > "$DC/$USER/devel/proxyapp/0" > ``` > > We use fixed local port numbers because that way we can run dependent > services locally that look for locally-running copies of the > same service on a fixed port, but then those requests get tunnelled through > to the devel shard. > > When the devel shard is restarted, however, the tunnel is still running so > the subsequent call to create a new tunnel fails because > it can't bind to the fixed port. > > If we save the SSH process PID to a file, we can then kill existing tunnel to > the old instance before starting up the new tunnel to the > new instance. > > > Diffs > ----- > > src/main/python/apache/aurora/client/cli/task.py > 652a545072f161dbf854b3d6d273809b09d142e8 > src/test/python/apache/aurora/client/cli/test_task.py > a543d4a101c58149f8af265257d061ff5032049c > > > Diff: https://reviews.apache.org/r/66697/diff/3/ > > > Testing > ------- > > ``` > $ ./pants test src/test/python/apache/aurora/client:: > ``` > > And when applying the same patch to our local repo at Twitter: > > ``` > $ ./pants run > twitter/src/main/python/twitter/aurora/client/cli_internal:aurora_internal -- > task ssh -L 8005:http --ssh-options "-n -N" --pid-file /tmp/p > "smf1/sbrenn/devel/proxyapp/0" & > $ ps -p `cat /tmp/p` > PID TTY TIME CMD > 34729 ttys000 0:00.05 ssh -t -n -N -L > 8005:smf1-aki-27-sr1.prod.twitter.com:31794 > [email protected] cd > /var/lib/mesos/slaves/*/frameworks/*/exec > ``` > > > Thanks, > > Sameer Brenn > >
