-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ability to start & stop ssh-agent process #16761
Conversation
/ok-to-test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
two questions
1-
does this PR make an ssh-agent by default even if it is not used by docker-env ?
2-
can we make minikube use this SSH agent ? I bet this would make our command runner faster
after we create a KIC container we switch from docker exec to SSH that made minikube faster.
here are some relevent code:
-
we copy the SSH key to remote for SSH runner
https://github.com/medyagh/minikube/blob/ecd457fc2eceba5ea3c37d7045d77f652a652d49/pkg/provision/provision.go#L171 -
here is some remote options for SSH runner
-
here is where ssh runner is created https://github.com/medyagh/minikube/blob/ecd457fc2eceba5ea3c37d7045d77f652a652d49/pkg/minikube/machine/client.go#L163
|
would you be interested to plug it in to make our SSH_RUNNER to use this agent and benchmark the Command Runner metrics ( we could see how many miliseconds or seconds it takes to run pwd or ls commands using with or without agent.. because without agent I assume it would have to load the SSH key on each connection to memory |
This comment has been minimized.
This comment has been minimized.
Could do that, would do it in a follow up PR though |
This comment has been minimized.
This comment has been minimized.
@spowelljr: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
This comment has been minimized.
This comment has been minimized.
kvm2 driver with docker runtime
Times for minikube (PR 16761) start: 51.9s 52.4s 51.6s 47.2s 52.3s Times for minikube (PR 16761) ingress: 27.8s 27.2s 28.2s 25.6s 24.7s docker driver with docker runtime
Times for minikube start: 25.1s 25.1s 22.3s 24.2s 24.9s Times for minikube ingress: 49.3s 49.8s 48.8s 48.3s 50.3s docker driver with containerd runtime
Times for minikube ingress: 31.3s 31.3s 31.3s 30.3s 31.3s Times for minikube start: 19.7s 20.5s 24.2s 23.2s 23.6s |
This comment has been minimized.
This comment has been minimized.
These are the flake rates of all failed tests.
Too many tests failed - See test logs for more details. To see the flake rates of all tests by environment, click here. |
@spowelljr could I plz see the output of docker-env before/after this PR (both incase the agent is started and incase the agent is not started) |
Added before/after to the PR description |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: medyagh, spowelljr The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
looks good to me @spowelljr my only question is, for docker-env on docker runtime, does the AFTER need to export the regular docker-env envs too ? $ minikube docker-env or is there a way to make regular docker-env to use that SSH_AGENT (kind of adding DOCKER_CERT_PATH="/Users/powellsteven/.minikube/certs" to the ssh agent ? ) maybe not |
Responded offline: |
This PR adds an
sshagent
package that allows starting and stoping an ssh-agent process. Once a process is started it's auth socket and agent pid are added to the cluster config. When runningdocker-env
, if the auth socket and agent pid are populated in the cluster config they'll be included in the command output. On cluster delete the process is killed.When creating this output I added
sshagent.Start()
to the beginning ofcmd/minikube/cmd/docker-env.go
sshagent.Start()
will be implemented in #15452Before:
After w/ agent stopped:
After w/ agent started: