Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jan 25 2019 16:23

    ark3 on ssh-cleanup

    (compare)

  • Jan 25 2019 16:23

    ark3 on master

    Return status rather than crash… Emit a distinct crash message f… Factor out sshuttle command and 3 more (compare)

  • Jan 25 2019 16:23
    ark3 closed #912
  • Jan 25 2019 14:57
    ark3 opened #912
  • Jan 25 2019 14:56

    ark3 on ssh-cleanup

    Return status rather than crash… Emit a distinct crash message f… Factor out sshuttle command and 2 more (compare)

  • Jan 25 2019 12:24
    bartoszmajsak opened #911
  • Jan 24 2019 22:04
    ark3 labeled #910
  • Jan 24 2019 22:04
    ark3 opened #910
  • Jan 24 2019 21:42
    ark3 closed #807
  • Jan 24 2019 21:42

    ark3 on master

    Don't pass --v=4 to kubectl eve… (compare)

  • Jan 24 2019 21:30
    ark3 closed #889
  • Jan 24 2019 21:30

    ark3 on master

    fix: changes depracated method … fix: masks logged tokens chore: adds changelog file and 8 more (compare)

  • Jan 24 2019 21:30
    ark3 closed #890
  • Jan 24 2019 21:29
    ark3 synchronize #890
  • Jan 24 2019 21:25
    ark3 closed #812
  • Jan 24 2019 21:25
    ark3 commented #812
  • Jan 24 2019 21:23
    ark3 closed #735
  • Jan 24 2019 21:23
    ark3 commented #735
  • Jan 24 2019 20:52
    rohansingh commented #905
  • Jan 24 2019 20:50
    ark3 commented #905
datawirebot
@datawirebot
<Konrad> i dropped some shuttle rules from iptables (as i can access the cluster without it locally) and it works now, but that's quite inconvenient
<rdl> do you have a writeup? would love to see how you got it to work (and share the blog)
datawirebot
@datawirebot
<sanha> Not yet, but planned.
I'll write it up as soon as I get some bandwidth and let you know.
Thanks 🙂
datawirebot
@datawirebot
<gregw> My team has adopted telepresence for local development/testing of one of our microservices running in EKS but I am using a centos-based distro of linux and am having a bad time trying to get it installed. First, I tried following the instructions for installation on Fedora-based distros, but attempting to install telepresence through dnf results in 'no match for argument: telepresence' even though I have the datawireio_telepresence yum repo config in /etc/yum.repos.d. Next, I tried installing from source and ran into another error during the telepresence build: "ImportError: No module named 'zipapp'"
<gregw> I have python 3.7.1 installed via pyenv and I've tried the install from source through a virtualenv as well. The most confusing part is if I open the python repl using the same python interepreter and execute "from zipapp import create_archive" it does not produce an importerror
<ark3> @gregw I'm interested to learn more about your error when installing from source. That should work!
<ark3> The install script runs python3 from your shell path.
<gregw> Yeah and I have a python3 binary in my $PATH under $HOME/.pyenv/shims/python3
datawirebot
@datawirebot
<ark3> Can you verify that python3 --version by itself produces something like Python 3.7.1 and then run env PREFIX=/place/to/install ./install.sh?
<gregw> ah it has to do with running sudo...if i run that command without sudo then it finds the modules and executes python code
<gregw> makes sense since the superuser doesn't have the same python environment as my logged in user
<gregw> i can manually copy the built binary over to /usr/local/bin at least
datawirebot
@datawirebot
<gregw> ok i'll get my superuser's python3 environment synced up so i can build this
<gregw> thanks!
<ark3> Hmm. We don't test that installer with sudo. That's part of the problem here. It's only the last few steps that need privileges. Perhaps we should split up the "build binary" and "install binary" bits.
datawirebot
@datawirebot
<JM> Morning; I'm wrangling a network traffic routing setup. I am on OSX and hitting a single node k8s installed in an EC2 instance. I can telepresence the deployment just fine, but I want to run a PHP debugger locally. In an "all software on the same host" setup xdebug would connect to localhost:9000 and the IDE would have a listener present to pick it up. In a non-telepresence host-run docker container, you'd change localhost to host.docker.internal or docker.for.mac.localhost and the traffic would show up on the OSX host. I suspect that's not quite working right due to the various networking loops going on with telepresence, however. Any suggestions for how to get that connection from my --swap-deployment container to show up on my hostmachine so the IDE can pick it up? Thanks!
<ark3> I have a solution for you, but it's somewhat convoluted.
<JM> Hit me 🙂
<ark3> Telepresence sets up and exposes an ssh server in its network container, then uses ssh -R to forward a port in the container to something on the host. This avoids using host.docker.internal, which doesn't work on Linux.
<ark3> You can use that same ssh server to set up a second port forward.
<JM> I'm open to trying that out; what would the command for that look like?
<ark3> Yup, working on it.
datawirebot
@datawirebot
<ark3> Launch your telepresence session, and then from another terminal, take a look at telepresence.log. Search for Launching Network container.
<ark3> You'll see a docker run command that has --publish=127.0.0.1:port:38022/tcp
<ark3> That port, the one associated with 38022 in the container, is the port on your host machine exposing the ssh server.
<ark3> Now, to run your client, you'll want some extra options to ssh.
<ark3> Search the log file for Launching Local SSH port forward to see what I mean.
datawirebot
@datawirebot
<ark3> The last part of your ssh will want to be something like -p port_from_above root@127.0.0.1 -R 9000:127.0.0.1:9000, which will forward connections made to the containers port 9000 to your host's port 9000.
<ark3> Does that make some amount of sense?
<JM> yeah, I think so. Let me see if I get it right; I'll be ssh'ing into the local networking container and having it do ssh tunnel proxying so that the connections from the local deployment container (since it shares the network namespace) on 9000 will pop back up on my mac
<ark3> Yes, exactly.
<JM> Bingo
<ark3> Success, with the debugger and all?
datawirebot
@datawirebot
<JM> Yup
<ark3> Excellent.
<JM> I haven't quite resolved the best way to get the proper container name, but docker inspect --format='{{(index (index .NetworkSettings.Ports "38022/tcp") 0).HostPort}}' telepresence-1554143629-148726-77228 gets you the right port to connect to
datawirebot
@datawirebot
<ark3> Nice. We have the nice label selector stuff to grab the Telepresence pod and deployment in k8s. Is there something similar we could be using on the Docker side?
datawirebot
@datawirebot
<JM> Alas, not that I can think of. The container could use a more "guessable" name instead of the guid like thing.
<JM> it's complicated by the fact you might have multiples of these running (rare, but...)
datawirebot
@datawirebot
<sanha> @anton186 I'm preparing for documentation, but you can check these stuffs before that.
datawirebot
@datawirebot
<teejae> hi, i'm just looking into telepresence for the first time. i'm using vpn-tcp mode, and trying to load up a website served from inside the cluster, but relies on outside resources (Google Firebase). however, once i start the vpn-tcp mode, even my browsers etc can't see external websites (http://google.com, http://slack.com, etc). am i doing something wrong? do i need --also-proxy or some other setup? the docs claim i don't need it, and public websites aren't affected, but maybe i'm missing something. i appreciate any help
<teejae> otherwise, telepresence looks to be a great tool
datawirebot
@datawirebot
<ark3> @teejae If normal stuff is unable to reach the internet, then you're probably experiencing a DNS loop. Are you using a local cluster, like Minikube or K for Docker?
<teejae> @ark3 yes, that's right. i'm using a minikube in this case
<teejae> is that an unsupported/unintended config?
datawirebot
@datawirebot
<ark3> Typically Minikube is detected (by context name) and a special local cluster workaround is used. Does your cluster have a different context name, i.e. not minikube?
<teejae> using the default minikube context name for now
<ark3> Hmm. That's a bug. Could you file an issue please? I could use the telepresence.log file from a simple session, maybe just curl -svk https://kubernetes.default/api/ and curl http://google.com so I can see what happens with DNS in the log file.
datawirebot
@datawirebot
<ark3> I'm working on detecting the DNS loop without relying on context names etc. but that won't make it into the next release.
<teejae> ok. i'll have to get to that in a bit