Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for configurable keep-alives #2349

Merged
merged 1 commit into from Nov 29, 2018
Merged

Add support for configurable keep-alives #2349

merged 1 commit into from Nov 29, 2018

Conversation

@russjones
Copy link
Contributor

russjones commented Nov 8, 2018

Purpose

Allow configurable keep-alives to be sent from Teleport servers to clients. This is to prevent firewalls, load balancers, and VPNs from tearing down idle SSH session.

Implementation

  • Added keep_alive_interval to Teleport configuration. This sets the interval at which Teleport will send keep-alive messages. The default value mirrors sshd at 15 minutes.
  • Added keep_alive_count_max, the number of messed keep-alive messages before the server tears down the connection to the client. The default value mirrors sshd at 3.
  • Both the regular and forwarding server now both use the same keep-alive code.

Related Issues

Fixes #2334

@russjones russjones requested a review from klizhentas Nov 8, 2018
@russjones russjones changed the title Add support for keep-alives Add support for configurable keep-alives Nov 8, 2018
@russjones russjones force-pushed the rjones/keep-alives branch from 20cbeb4 to 2dbaa01 Nov 12, 2018
lib/client/client.go Outdated Show resolved Hide resolved
lib/srv/forward/sshserver.go Outdated Show resolved Hide resolved
lib/srv/keepalive.go Outdated Show resolved Hide resolved
lib/srv/keepalive.go Outdated Show resolved Hide resolved
lib/srv/keepalive.go Outdated Show resolved Hide resolved
lib/srv/keepalive.go Show resolved Hide resolved
@@ -38,13 +38,13 @@ import (
"github.com/gravitational/teleport/lib/utils"

"github.com/gravitational/trace"
log "github.com/sirupsen/logrus"

This comment has been minimized.

Copy link
@klizhentas

klizhentas Nov 16, 2018

Contributor

what's up with this refactoring?

This comment has been minimized.

Copy link
@russjones

russjones Nov 17, 2018

Author Contributor

Moved to our new structured logging everywhere in lib/srv.

This comment has been minimized.

Copy link
@klizhentas

klizhentas Nov 25, 2018

Contributor

how does renaming to logrus help?

closeContext, closeCancel := context.WithCancel(context.Background())
defer closeCancel()

clusterConfig, err := s.GetAccessPoint().GetClusterConfig()

This comment has been minimized.

Copy link
@klizhentas

klizhentas Nov 16, 2018

Contributor

ditto for the error handling logic and cleanup

This comment has been minimized.

Copy link
@russjones

russjones Nov 17, 2018

Author Contributor

Everything should be cleaned up in a defer here.

// The keep-alive loop will keep pinging the remote server and after it has
// missed a certain number of keep-alive requests it will cancel the
// closeContext which signals the server to shutdown.
go srv.StartKeepAliveLoop(srv.KeepAliveParams{

This comment has been minimized.

Copy link
@klizhentas

klizhentas Nov 16, 2018

Contributor

why don't you pass a context to keepalive loop as well?

This comment has been minimized.

Copy link
@russjones

russjones Nov 17, 2018

Author Contributor

I am passing a context to the keep-alive loop?

@russjones russjones force-pushed the rjones/keep-alives branch from 2dbaa01 to 337dc02 Nov 17, 2018
lib/srv/regular/sshserver.go Outdated Show resolved Hide resolved
control how often the server sends keep-alive messages to clients and
after how many missed keep-alive replies the server tears down the
connection to the client.
@russjones russjones force-pushed the rjones/keep-alives branch from 337dc02 to 175ad7d Nov 29, 2018
@russjones russjones merged commit 6c37b4a into master Nov 29, 2018
1 check passed
1 check passed
Teleport Build finished.
Details
@russjones russjones deleted the rjones/keep-alives branch Nov 29, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.