search

mitogen-hq / mitogen

Distributed self-replicating programs in Python
https://mitogen.networkgenomics.com/
BSD 3-Clause "New" or "Revised" License
2.34k stars 198 forks source link

fakessh: can't get it working. is it broken? #421

Open ubergarm opened 5 years ago

ubergarm commented 5 years ago

Is fakessh broken? It seems skipped in the unittest

My goal is to run git on a remote server that uses my local laptop's ssh context. I do not want to forward my ssh auth with -A.

Is this possible currently or in the future? Thanks for clearing this up, couldn't find any full working examples...

My failed attempt w/ Python 3.6.6 and mitogen 0.2.3

#!/usr/bin/env python3

import os

import mitogen
import mitogen.utils
import mitogen.fakessh

def main(router):
    # setup a local context
    local_ctx = router.local(name="localhost")
    local_ctx.call(os.system, "hostname") # <--- works fine

    # connect to remote context via local context
    remote_ctx = router.ssh(
        via=local_ctx, username="root", hostname="myprivate.vpsserver.com"
    )
    remote_ctx.call(os.system, "hostname") # <--- works fine

    # fakessh on remote host using the local context's ssh
    local_ctx.call(mitogen.fakessh.run, remote_ctx, ["ssh", "-T", "git@github.com"]) # <--- borks

if __name__ == "__main__" and mitogen.is_master:
    mitogen.utils.log_to_file(level="INFO")
    mitogen.utils.run_with_router(main)
dw commented 5 years ago

It's marked as a known issue in the release notes for 0.2.x. The problem is not fixing the return code bug it presently suffers from, or finding a neater way to grant authority between the two nodes, but that the implementation is missing a super important feature -- flow control.

Without this, unbounded RAM growth can occur in a pipelined sender like rsync.

Flow control is a solved problem elsewhere -- services.FileService knows how to do it. I want to extract that mechanism, blend it with the 'out of band control' bits of fakessh, and produce a new abstraction that can be used in both places and generically -- named something like Pipe.

I'm getting close to looking at this stuff again -- it's needed for fully generic tunnelling Ansible synchronize module, but the practicalities of keeping bug count down for extension users is a little too high :) The great news is that this Ansible work has flushed out a megaton of bugs in the core library, it's just taking a little more time than anticipated to reach the end goal

dw commented 5 years ago

At the very least I need to add a caution box on the index page in the SSH section. Sorry about that!

ubergarm commented 5 years ago

Great, thanks for clarifying!

alextsits commented 4 years ago

Hi @dw !

I'm trying to use Mitogen not as part of Ansible, but as a standalone solution to connect to remotes, copy files in/out, and execute Python code. As part of this work, I tried to use the fakessh functionality of Mitogen to reuse an existing SSH context to run rsync commands, but it fails.

I get that fakessh is pretty much unmaintained at this moment. Just wanted to ask, are there any plans to fix that soon? I'm willing to help fixing its shortcomings.