Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ws-proxy] Distinguish between WS_NOTFOUND and WS_ID_INVALID #10393

Merged
merged 1 commit into from
Jun 1, 2022
Merged

[ws-proxy] Distinguish between WS_NOTFOUND and WS_ID_INVALID #10393

merged 1 commit into from
Jun 1, 2022

Conversation

iQQBot
Copy link
Contributor

@iQQBot iQQBot commented Jun 1, 2022
edited

Description

[ws-proxy] Distinguish between WS_NOTFOUND and WS_ID_INVALID

image

We have too many metrics report with WS_NOTFOUND but, this WS_NOTFOUND is not really workspace not found, This also includes some attempts at external brute force hacking attacks, This PR tries to distinguish between brute force attempts and real workspace not found errors, at this point we are only looking at the workspaceID format

Related Issue(s)

Fixes #

How to test

  1. start a workspace from this branch
  2. run ./dev/preview/portforward-monitoring-satellite.sh -c harvester and open prometheus
  3. test copy/paste ssh command, it should works
  4. test ssh root@test.ssh.ws.pd-ssh-invalid-wsid.preview.gitpod-dev.com it will increase WS_ID_INVALID error
  5. test ssh gitpodio-templategolang-uiuho6zqyss@test.ssh.ws.pd-ssh-invalid-wsid.preview.gitpod-dev.com it will increase WS_NOTFOUND error

prometheus query

gitpod_ws_proxy_ssh_attempt_total{status="failed", error_type=~"(WS_ID_INVALID|WS_NOTFOUND)"}

image

Release Notes

NONE

Documentation

@iQQBot iQQBot marked this pull request as ready for review June 1, 2022 04:02
@iQQBot iQQBot requested a review from a team June 1, 2022 04:02
@github-actions github-actions bot added the team: workspace Issue belongs to the Workspace team label Jun 1, 2022
@roboquat roboquat merged commit b675fb7 into main Jun 1, 2022
@roboquat roboquat deleted the pd/ssh-invalid-wsid branch June 1, 2022 21:04
@roboquat roboquat added deployed: workspace Workspace team change is running in production deployed Change is completely running in production labels Jun 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sagor999 sagor999 sagor999 approved these changes

Assignees
No one assigned
Labels
deployed: workspace Workspace team change is running in production deployed Change is completely running in production release-note-none size/S team: workspace Issue belongs to the Workspace team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@iQQBot @sagor999 @roboquat