Closed g-easy closed 8 months ago
g-easy
commented
2 years ago Example usage, doesn't even require a VM:
socat VSOCK-LISTEN:12345 EXEC:"/usr/lib/openssh/sftp-server",nofork
./sshfs -o vsock=2:12345 unused_host: ./tmp(CID=2 means loopback)
Most of the performance gain is from reducing the amount of data copies (rather than avoiding ssh encryption), i.e. socat+nofork means the sftp-server's stdio is dup'd directly to the vsock.
Nikratio
commented
2 years ago Thank you for the patch!
I am not sure if it makes sense to merge this into SSHFS. There is nothing wrong with it on a technical level (at least on first glance), but adding a capability to bypass SSH in a program called SSHFS does not seem wise to me.
Do you have any references about what sits on the other end of a vsock and implements the server-side protocol? Is it the kernel, or another userspace program?
I am also curious about how this relates to virtiofs, which I thought is the recommended way to share filesystems with VMs?
g-easy
commented
2 years ago what sits on the other end of a vsock and implements the server-side protocol? Is it the kernel, or another userspace program?
For my use-case, it will be the usual userspace sftp-server, basically the same as in the socat+nofork example above.
adding a capability to bypass SSH in a program called SSHFS does not seem wise
I understand where you're coming from. :) I have an existing setup where sshfs runs over ssh. I'd like to keep most of my setup and just make it run faster. i.e. I want to keep the sftp protocol part and change the plumbing.
I'd really like to be able to use a vsock directly from sshfs instead of having to plumb stdio around. sshfs already implements -o directport and -o passive but passive mode in particular disables multi-threading.
"sshfs -o vsock=CID:PORT" will cause sshfs to connect directly to the given vsock, bypassing ssh, and allowing high performance sshfs mounts of a VM guest.