generic driver: support additional SSH options for service instance
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Shared File Systems Service (Manila) |
Triaged
|
Low
|
Unassigned |
Bug Description
Dear Manila developers,
thanks for your good work with the project, really appreciated.
This is a feature request. In our environment, SSH to virtual machines need to be proxyed using an intermediate SSH host.
When the generic driver creates a service instance, manila-share is unable to contact the VM because it wont use the SSH proxy.
I've read the source code and I found at least 3 places where this would need to be supported:
* on the utils module, the SSHPool class https:/
* on the generic driver, the _ssh_exec() method https:/
* on the service_instance module, the _test_server_
Moreover, the _test_server_
Instead of a raw connection, I would suggest moving that logic somehow into the SSHPool class in the utils module, so if a proxy is configured, it can reuse such configuration for the connectivity test.
In summary I'm suggesting at least the following new configuration options:
* ssh_proxy_host = <FQDN, defaults to None>
* ssh_proxy_user = <String, defaults to None>
* ssh_tcp_port = <Integer, defaults to 22>
Then build a connection similar to what this SSH config would do:
* ProxyCommand ssh -a -W %h:%p <email address hidden>
I'm also open to follow other instructions to workaround this SSH limitation we're experiencing.
tags: | added: gene |
tags: |
added: generic removed: gene |
tags: | added: driver |
Changed in manila: | |
importance: | Undecided → Medium |
Changed in manila: | |
status: | New → Triaged |
Hi Arturo,
Thank you for raising this bug.
The bug was discussed at the community weekly IRC call. Please review additional comments at https:/ /meetings. opendev. org/meetings/ manila/ 2021/manila. 2021-09- 30-15.01. log.html and let us know if you would like to contribute to this fix.