0

We're running DC/OS + Marathon on an Azure cluster (ACS). I find myself in situations where it would be very helpful to tunnel into the master node and more specifically - agent nodes. Then I'd like to run bash commands against my services (docker images) that are running. Is this possible?

Thanks in advance!

Alex
  • 3,719
  • 4
  • 26
  • 25

1 Answers1

1

There's a page on ACS's documentation regarding ssh tunneling into master nodes, it can be found here: https://azure.microsoft.com/en-us/documentation/articles/container-service-connect/

Say you have an Azure Container Service named my-acs running on the East US region, and your user name is myuser, and you would like to access the DC/OS dashboard of your cluster, 

sudo ssh -L 80:localhost:80 -f -N my-user@my-acsmgmt.eastus.cloudapp.azure.com -p 2200 -i path/to/your/private/key

If you would like to directly access the terminal of your master, you would use:

ssh my-user@my-acsmgmt.eastus.cloudapp.azure.com -p 2200 -i path/to/your/private/key

However, I do not know how to connect directly into an Agent node.

Jorge Sá
  • 21
  • 2
  • The easiest way to connect to the agents is via a tunnel to the masters. Use '-A' in the SSH connection and your credentials will be forwarded and thus you can simply 'ssh AGENT_IP`. – rgardler Oct 03 '16 at 15:26
  • Ross, I've ssh with -A from the master into an agent node and got this: `ssh: /opt/mesosphere/lib/libcrypto.so.1.0.0: no version information available (required by ssh) ssh: /opt/mesosphere/lib/libcrypto.so.1.0.0: no version information available (required by ssh) The authenticity of host '10.32.0.6 (10.32.0.6)' can't be established. ECDSA key fingerprint is REDACTED. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.32.0.6' (ECDSA) to the list of known hosts. Permission denied (publickey).` – Jorge Sá Oct 04 '16 at 17:59
  • Also tried with -A from my host to the master and then into the agent, also permission denied. Is there anything wrong with my DC/OS masters? Running a cluster with 3 masters right now, wasn't able to do that from any of them – Jorge Sá Oct 04 '16 at 18:03
  • You need to ensure you have setup SSH correctly to forward your keys. See http://unixwiz.net/techtips/ssh-agent-forwarding.html for a good guide on the topic. – rgardler Oct 05 '16 at 05:48