search

ananace / fog-hyperv

Hyper-V provider for fog
MIT License
8 stars 1 forks source link

Always support executing commands on computers other than the first hop #14

Open ananace opened 6 years ago

ananace commented 6 years ago

This seems to be necessary to properly support clusters

Currently, trying to access a second computer in a PSRemoting session with most transports will fail, like such;

> c
 => #<Fog::Compute::Hyperv::Real:225660160380 ... @hyperv_transport=:negotiate ... >
> c.hosts.get '.'
 =>   <Fog::Compute::Hyperv::Host
    name="EXAMPLE1",
    ...
  >
> c.hosts.get 'example2'
Fog::Hyperv::Errors::PSError: You do not have permission to perform the operation. Contact your administrator if you believe you should have permission to perform this operation.
When executing Get-VMHost -ComputerName example2

This can be solved by setting up advanced CredSSP chaining or Kerberos credential passing. But a simple solution could also be to launch multiple connections by reusing the original credentials, running the given command on all provided computers, and then aggregating the results.

ananace commented 6 years ago

The current ugly hack to solve this issue will cause issues when using direct IP addresses to connect to a cluster, or if two cluster hosts are on different domains.

Perhaps something could be done to instead look up the host FQDN or IP on the current connection, use that value for the connection;

[System.Net.Dns]::GetHostByName('example-host')