Re: [Fab-user] Best way of making proposals for Fabric?

fab-user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fab-user] Best way of making proposals for Fabric?

From:	Rory Campbell-Lange
Subject:	Re: [Fab-user] Best way of making proposals for Fabric?
Date:	Wed, 11 May 2011 10:54:39 +0100
User-agent:	Mutt/1.5.21 (2010-09-15)

On 10/05/11, JBB (address@hidden) wrote:
> Rory Campbell-Lange <address@hidden> writes:
> I have a more difficult situation, but a proper, complete implementation of
> ssh_config would fix it.
> 
> I deal with servers in multiple datacenters. Each datacenter has a different
> host I have to ssh-tunnel through.
> 
> I've been using the ProxyCommand, with different commands for different Host
> entries. 
> 
> For instance,
> 
> Host californiadc-*
>   ProxyCommand ssh -q californiadc nc %h %p
> 
> Host floridadc-*
>   ProxyCommand ssh -q floridadc nc %h %p
> 
> Why doesn't anyone implement everything ssh does in their "replacement" ssh
> library? :P Or, write a library to talk to ssh and let it do the lifting,
> instead of giving me a partial-implementation? 
> 
> Ruby's Net::SSH doesn't support these features in the ssh_config. Python's
> Paramiko ssh library doesn't either.

I have also written about this. I agree that this is a problem.

At present to access a remote DC through a 'head' ssh host, I have the
following sort of configuration:

host dc1head
    Port 4900
    IdentityFile ~/.ssh/id_dc1head
    Hostname 10.0.1.1 # example
    LocalForward 9001:192.168.2.1:22  9002:192.168.2.2:22  9003:192.168.2.3:22 
# etc

host dc1srv1
    IdentityFile ~/.ssh/id_dc1srv
    Port 9001
    Hostname 127.0.0.1

host dc1srv2
    IdentityFile ~/.ssh/id_dc1srv
    Port 9002
    Hostname 127.0.0.1

host dc1srv3
    IdentityFile ~/.ssh/id_dc1srv
    Port 9003
    Hostname 127.0.0.1
    
I think this allows one to use fabric to connect to dc1srv1, dcsrv2 etc.
servers once one has brought up an ssh connection via dc1head. However
the proxy command is much more elegant (although perhaps less efficient
-- I don't know). However, if I recall correctly, there is then a naming
problem in fabric as fabric can't easily show the difference between
address@hidden:9001 and address@hidden:9002 etc.

In specific terms I agree with JBB's comment about needing native SSH
support.

In more general terms I believe that Fabric could do with support for
server connection name aliasing, complementary commands (such as
proxying before a connection) and easier manipulation of collections of
hosts.

Regards
Rory

-- 
Rory Campbell-Lange
address@hidden

Campbell-Lange Workshop
www.campbell-lange.net
0207 6311 555
3 Tottenham Street London W1T 2AF
Registered in England No. 04551928

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Fab-user] Best way of making proposals for Fabric?, JBB, 2011/05/10
- Re: [Fab-user] Best way of making proposals for Fabric?, Rory Campbell-Lange <=

Prev by Date: Re: [Fab-user] Best way of making proposals for Fabric?
Next by Date: [Fab-user] Patch to add cluster support
Previous by thread: Re: [Fab-user] Best way of making proposals for Fabric?
Next by thread: [Fab-user] Patch to add cluster support
Index(es):
- Date
- Thread