New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Various improvements to the SNMP forwarding/proxying container setup #2637
Various improvements to the SNMP forwarding/proxying container setup #2637
Conversation
This ensures that the remote socat process is torn down when the forwarding container exits. Before this change, the socat process would linger forever, causing the forwarding port to stay bound forever on the remote hop-host. Any subsequent attempts to restart the forwarding container would just result in an error that looked like this: ``` socat[10092] E bind(5, {AF=2 0.0.0.0:10000}, 16): Address already in use ``` Using the `-tt` option to ssh forces SSH to allocate a pseudo-terminal, even if the controlling process isn't attached to a real terminal. Using the pseudo-terminal ensures that signals are propagated from the ssh process to the socat process started on the remote, so when the SSH session dies, socat will also. We also drop the `-f` option, since that would cause the SSH process to send the termination signal as soon as it forks and exits. This uses the shell to background the ssh process instead.
This factors out the setup of the local socat tunnel to a function, backgrounds it and waits for all backgrounded processes to terminate.
This ensures the whole process group, and thereby the forwarding container itself, dies if any of the forwarding subprocesses exit. This should be a very explicit failure signal to the developer using this forwarding container.
It's nice to know what's going on, even if -x isn't used.
For some weird reason, my SSH connection will not be properly established unless I add an explicit ConnectTimout option.
This ensures a remote IPv6 SNMP agent can be reached also, even if the local address is still IPv4.
Rebuilding much of the docker image just because the shell script is changing is tiresome. This ensures the last thing that happpens is the copying of the shell script.
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
Codecov Report
@@ Coverage Diff @@
## master #2637 +/- ##
=======================================
Coverage 54.52% 54.52%
=======================================
Files 558 558
Lines 40644 40644
=======================================
Hits 22160 22160
Misses 18484 18484 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very nice!
The SNMP forwarder container setup had three main drawbacks that this PR aims to fix:
socat
process on the hop-host was never terminated, keeping the forwarding port bound indefinitely, causing every subsequent attempt to start the forwarding container to fail with "address already in use" errors.Docs are also slighty updated to clarify on what host the problem resides when the "address already in use" error appears.