Skip to content
This repository has been archived by the owner on Dec 7, 2023. It is now read-only.

Commit

Permalink
use ssh discover technique to check if SSH service is really run… (#469)
Browse files Browse the repository at this point in the history
use ssh discover technique to check if SSH service is really running
  • Loading branch information
stealthybox authored Oct 7, 2019
2 parents a4f3c7b + bff6663 commit d7cf3f6
Showing 1 changed file with 44 additions and 2 deletions.
46 changes: 44 additions & 2 deletions cmd/ignite/run/start.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,14 @@ package run
import (
"fmt"
"net"
"strings"
"time"

"github.com/weaveworks/ignite/pkg/apis/ignite"

"github.com/weaveworks/ignite/pkg/operations"
"github.com/weaveworks/ignite/pkg/preflight/checkers"
"github.com/weaveworks/ignite/pkg/util"
"golang.org/x/crypto/ssh"
"k8s.io/apimachinery/pkg/util/sets"
)

Expand Down Expand Up @@ -62,7 +63,7 @@ func Start(so *startOptions) error {
return nil
}

func waitForSSH(vm *ignite.VM, seconds int) error {
func dialSuccess(vm *ignite.VM, seconds int) error {
// When --ssh is enabled, wait until SSH service started on port 22 at most N seconds
ssh := vm.Spec.SSH
if ssh != nil && ssh.Generate && len(vm.Status.IPAddresses) > 0 {
Expand Down Expand Up @@ -90,3 +91,44 @@ func waitForSSH(vm *ignite.VM, seconds int) error {

return nil
}

func waitForSSH(vm *ignite.VM, seconds int) error {
if err := dialSuccess(vm, seconds); err != nil {
return err
}

certCheck := &ssh.CertChecker{
IsHostAuthority: func(auth ssh.PublicKey, address string) bool {
return true
},
IsRevoked: func(cert *ssh.Certificate) bool {
return false
},
HostKeyFallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
return nil
},
}

config := &ssh.ClientConfig{
User: "user",
Auth: []ssh.AuthMethod{
ssh.Password("password"),
},
HostKeyCallback: certCheck.CheckHostKey,
Timeout: 5 * time.Second,
}

addr := vm.Status.IPAddresses[0].String() + ":22"
sshConn, err := ssh.Dial("tcp", addr, config)
if err != nil {
// If error contains "unable to authenticate", it seems able to connect the server
errString := err.Error()
if strings.Contains(errString, "unable to authenticate") {
return nil
}
return err
}

sshConn.Close()
return fmt.Errorf("timed out checking SSH server")
}

0 comments on commit d7cf3f6

Please sign in to comment.