I need sshd on a non-default port set up dynamically, but don't want to have the burden of maintaining my own boxes. I prefer developers from Centos/Debian/Bento, etc. take care of the boxes. The example here is given using environment variables, but I may want to use a dynamic yaml or json inventory file.
Actually I even don't know how Vagrant will handle a box with sshd on a non-default port. I must say that apparently I had some success doing this, it's just a seemingly random behavior. The example included is supposed to be a non-working one, and I'm looking for suggestions what can be done about it. Marcin On Friday, December 1, 2017 at 12:55:57 PM UTC+1, Alvaro Miranda Aguilera wrote: > > hello > > why you are doing this? > > can you share the idea or requirements behind this? > > vagrant is aim to help developers to create environments by code so they > can focus on the code. > > Alvaro > > On Fri, Dec 1, 2017 at 11:34 AM, Marcin Dulak <marcin...@gmail.com > <javascript:>> wrote: > >> I'm not sure if it's about any existing bug, or a completely new >> enhancement, or whether what I'm trying to do is against the vagrant design. >> >> >>> I want to change the sshd port on the guest dynamically. >> I start with a box setup with sshd on port 22, change the port to let's >> say 222, restart sshd. >> I want vagrant to be able to interact with that guest on the new port. >> >> ### Vagrant version >> >> $ VBoxManage -version >> 5.1.30r118389 >> >> >> $ vagrant --version >> Vagrant 2.0.1 >> >> >> $ vagrant plugin list >> vagrant-share (1.1.9, system) >> >> ### Host operating system >> >> $ cat /etc/*release | grep 'VERSION=' >> VERSION="16.04.3 LTS (Xenial Xerus)" >> >> >> ### Guest operating system >> >> https://app.vagrantup.com/centos/boxes/7 >> >> ### Vagrantfile >> >> # -*- mode: ruby -*- >> # vi: set ft=ruby : >> >> >> SSH_GUEST_PORT = ENV.fetch('SSH_GUEST_PORT', 22) >> >> >> # 1. vagrant up >> # 2. vagrant ssh -c 'sudo netstat -ntlp | grep ssh' >> # 3. vagrant ssh -c 'sudo sed -i "s/#Port 22/Port 222/" >> /etc/ssh/sshd_config' >> # 4. vagrant ssh -c 'sudo sed -i "s/^SELINUX=.*/SELINUX=permissive/" >> /etc/selinux/config' >> # 5. vagrant ssh -c 'getenforce&& sudo service sshd restart&& sudo >> netstat -ntlp | grep ssh&& sudo sync && sudo grep 222 /etc/ssh/sshd_config' >> # 6. SSH_GUEST_PORT=222 GUI=1 vagrant reload >> >> >> BOX = ENV.fetch('BOX', 'centos/7') >> >> >> # >> http://stackoverflow.com/questions/23926945/specify-headless-or-gui-from-command-line >> def gui_enabled? >> !ENV.fetch('GUI', '').empty? >> end >> >> >> Vagrant.configure(2) do |config| >> config.vm.define 'centos7' do |machine| >> machine.vm.box = BOX >> machine.vm.box_url = machine.vm.box >> machine.vm.provider 'virtualbox' do |p| >> p.memory = 256 >> p.cpus = 1 >> p.gui = gui_enabled? >> end >> # >> https://realguess.net/2015/10/06/overriding-the-default-forwarded-ssh-port-in-vagrant/ >> machine.vm.network :forwarded_port, guest: SSH_GUEST_PORT, host: 2200 >> , id: 'ssh', auto_correct: true >> machine.ssh.guest_port = SSH_GUEST_PORT >> puts 'SSH_GUEST_PORT ' + SSH_GUEST_PORT.to_s >> end >> config.vm.define 'centos7' do |machine| >> machine.vm.provision :shell, :inline => 'hostnamectl set-hostname >> centos7' >> machine.vm.provision :shell, :inline => 'yum -y install net-tools >> lsof' >> machine.vm.provision :shell, :inline => 'setenforce 0', run: 'always' >> end >> end >> >> >> ### Debug output >> >> ### Expected behavior >> >> vagrant connects to the guest over the new sshd port >> >> ### Actual behavior >> >> Note the unexpected `Port 22` reported by `vagrant ssh-config`. >> >> Vagrant is unable to connect to the box. >> >> Verify in the Virtualbox GUI that sshd is actually listening on 222 after >> reboot, >> since it happens sometimes that `/etc/ssh/sshd_config` is empty after >> `vagrant reload` reboot and sshd starts on the default `Port 22`. >> >> ### Steps to reproduce >> >> $ unset SSH_GUEST_PORT >> >> >> $ BOX='bento/centos-7.4' vagrant up >> Bringing machine 'centos7' up with 'virtualbox' provider... >> ==> centos7: Importing base box 'bento/centos-7.4'... >> ==> centos7: Matching MAC address for NAT networking... >> ==> centos7: Checking if box 'bento/centos-7.4' is up to date... >> ==> centos7: Setting the name of the VM: >> vagrant_other_sshd_centos7_1512054292366_34932 >> ==> centos7: Fixed port collision for 22 => 2200. Now on port 2202. >> ==> centos7: Clearing any previously set network interfaces... >> ==> centos7: Preparing network interfaces based on configuration... >> centos7: Adapter 1: nat >> ==> centos7: Forwarding ports... >> centos7: 22 (guest) => 2202 (host) (adapter 1) >> ==> centos7: Running 'pre-boot' VM customizations... >> ==> centos7: Booting VM... >> ==> centos7: Waiting for machine to boot. This may take a few minutes... >> centos7: SSH address: 127.0.0.1:2202 >> centos7: SSH username: vagrant >> centos7: SSH auth method: private key >> >> >> $ vagrant ssh -c 'sudo netstat -ntlp | grep ssh' >> tcp 0 0 0.0.0.0:22 0.0.0.0:* >> LISTEN 958/sshd >> tcp6 0 0 :::22 :::* >> LISTEN 958/sshd >> >> >> $ vagrant ssh -c 'sudo sed -i "s/#Port 22/Port 222/" >> /etc/ssh/sshd_config' >> $ vagrant ssh -c 'sudo sed -i "s/SELINUX=.*/SELINUX=permissive/" >> /etc/selinux/config' >> >> >> $ vagrant ssh-config >> Host centos7 >> HostName 127.0.0.1 >> User vagrant >> Port 2202 >> UserKnownHostsFile /dev/null >> StrictHostKeyChecking no >> PasswordAuthentication no >> IdentityFile /vagrant/vagrant_other_sshd/.vagrant/machines/centos7/ >> virtualbox/private_key >> IdentitiesOnly yes >> LogLevel FATAL >> >> >> $ vagrant ssh -c 'getenforce&& sudo service sshd restart&& sudo netstat >> -ntlp | grep ssh&& sudo sync && sudo grep 222 /etc/ssh/sshd_config' >> Permissive >> Redirecting to /bin/systemctl restart sshd.service >> tcp 0 0 0.0.0.0:222 0.0.0.0:* >> LISTEN 2931/sshd >> tcp6 0 0 :::222 :::* >> LISTEN 2931/sshd >> Port 222 >> >> >> $ SSH_GUEST_PORT=222 GUI=1 BOX='bento/centos-7.4' vagrant reload >> ==> centos7: Attempting graceful shutdown of VM... >> centos7: Guest communication could not be established! This is >> usually because >> centos7: SSH is not running, the authentication information was >> changed, >> centos7: or some other networking issue. Vagrant will force halt, if >> centos7: capable. >> ==> centos7: Forcing shutdown of VM... >> ==> centos7: Checking if box 'centos/7' is up to date... >> ==> centos7: Clearing any previously set forwarded ports... >> ==> centos7: Fixed port collision for 222 => 2200. Now on port 2201. >> ==> centos7: Clearing any previously set network interfaces... >> ==> centos7: Preparing network interfaces based on configuration... >> centos7: Adapter 1: nat >> ==> centos7: Forwarding ports... >> centos7: 222 (guest) => 2201 (host) (adapter 1) >> ==> centos7: Running 'pre-boot' VM customizations... >> ==> centos7: Booting VM... >> ==> centos7: Waiting for machine to boot. This may take a few minutes... >> centos7: SSH address: 127.0.0.1:222 >> centos7: SSH username: vagrant >> centos7: SSH auth method: private key >> centos7: Warning: Connection refused. Retrying... >> >> >> $ vagrant ssh-config >> Host centos7 >> HostName 127.0.0.1 >> User vagrant >> Port 22 >> UserKnownHostsFile /dev/null >> StrictHostKeyChecking no >> PasswordAuthentication no >> IdentityFile /vagrant/vagrant_other_sshd/.vagrant/machines/centos7/ >> virtualbox/private_key >> IdentitiesOnly yes >> LogLevel FATAL >> >> >> >> >> ### References >> >> -- >> This mailing list is governed under the HashiCorp Community Guidelines - >> https://www.hashicorp.com/community-guidelines.html. Behavior in >> violation of those guidelines may result in your removal from this mailing >> list. >> >> GitHub Issues: https://github.com/mitchellh/vagrant/issues >> IRC: #vagrant on Freenode >> --- >> You received this message because you are subscribed to the Google Groups >> "Vagrant" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to vagrant-up+...@googlegroups.com <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/vagrant-up/1a3d3fd8-af51-46da-af5a-22baeb8d5378%40googlegroups.com >> >> <https://groups.google.com/d/msgid/vagrant-up/1a3d3fd8-af51-46da-af5a-22baeb8d5378%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > > > -- > Alvaro > > -- This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list. GitHub Issues: https://github.com/mitchellh/vagrant/issues IRC: #vagrant on Freenode --- You received this message because you are subscribed to the Google Groups "Vagrant" group. To unsubscribe from this group and stop receiving emails from it, send an email to vagrant-up+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/vagrant-up/03fca456-07f2-4543-a337-7d3a530ce951%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
