[SERVER-53041] Forward mongo ports through SSH tunnel (host.create ticket 1) Created: 23/Nov/20  Updated: 29/Oct/23  Resolved: 23/Dec/20

Status: Closed
Project: Core Server
Component/s: Testing Infrastructure
Affects Version/s: None
Fix Version/s: 4.9.0

Type: Bug Priority: Major - P3
Reporter: Robert Guo (Inactive) Assignee: Mikhail Shchatko
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by SERVER-53040 Use host.create for powercycle in Eve... Closed
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: STM 2020-12-28
Participants:
Story Points: 2

 Description   

The secret_port is not exposed by the Evergreen spawn host, so we will instead forward all operations through ssh. For simplicity, we can bind both the public port and the secret port and reuse the same port locally and on the powercycle machine.

The operative change is to add the tunneling options to this line in remote_operations.py with supporting changes in places that we connect to MongoDB to always connect to localhost instead of the remote host. The following snippet should work for the tunneling code:

"ssh -L {secret_port}:{mongod_host}:{secret_port} -L {standard_port}:{mongod_host}:{standard_port}"

The connections will be limited to the main powercycle loop here since it is the only time the mongod is alive.

Note

  • We appear to be connecting to the mongod remotely (i.e. from the Evergreen host in a couple of locations, therefore we need to ensure the mongod is started with --bind_ip 0.0.0.0 so it listens on the non-localhost network interface. Otherwise we will get a connection error.
  • The necessity of secret_port is debatable but can be left out of this ticket. The code involves a few nested subprocess calls which has a learning curve; consider not making significant changes or improvements as part of this project.


 Comments   
Comment by Githook User [ 23/Dec/20 ]

Author:

{'name': 'Mikhail Shchatko', 'email': 'mikhail.shchatko@mongodb.com'}

Message: SERVER-53041 Forward mongo ports through SSH tunnel
Branch: master
https://github.com/mongodb/mongo/commit/9bb0493128738041cec5addb1179cf13784eac04

Generated at Thu Feb 08 05:29:45 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.