Provide an alternative implementation of Net::SSH::KnownHost in ssh_options#330
Conversation
|
@byroot I haven't had a chance to review yet, but in the meantime can you look into this test failure reported by Travis? Thanks. |
|
That's what I've put in my |
|
Oops, sorry! 🤦 |
|
@mattbrictson I finally got around to finish the feature. |
|
Not sure if you saw this already, but RuboCop has flagged something that is breaking the build: |
|
Nope. But i'll fix it |
|
Done 👌 |
|
@byroot I think perhaps some documentation is in order to explain how this is supposed to be used? I did my best to test this as follows:
But: Is there more I have to do to use this correctly? |
|
@mattbrictson apologies, I forgot to test in realistic conditions :/ and then got little time to fix it. I just fixed the issue you had, and tested that branch against our capistrano recipe.
It's exactly what you figured out:
What kind of documentation are you thinking about? A README section? I was seeing this as a beta feature for now that you have to explicitly and then maybe it could become the default in a future release? Let me know. |
Yes, I think a small mention in the README near where we talk about connection pooling would be good.
Sounds good. Please open a separate issue for making it the default, so that we don't lose track of that task. 👍 |
byroot
force-pushed
the
known-hosts
branch
2 times, most recently
from
26a97e6 to
25510e4
Compare
|
@mattbrictson I had to change the PR a bit with 25510e4 to react to net-ssh/net-ssh#320 Basically there is 2 possibilities:
I can setup a Travis build matrix with 2 versions of net-ssh if you want. I also updated the README, let me know. |
|
Oh and the profiles: Without known_hosts caching: With known_hosts caching: |
|
@byroot I am just now coming back to this PR. Let's try to get this merged in.
Thanks! |
|
Make dense, i'll do all that in a few minutes |
|
Great. I'm planning on releasing SSHKit 1.10 today, and it would be nice to get this in. |
…ptions As discussed in capistrano#326 (comment) Net::SSH re-parse the known_hosts files every time it needs to lookup for a known key. This alternative implementation parse it once and for all, and cache the result.
Done
Done as well. NB: I moved them both in a single file. Since they interact a lot together I think it makes sense.
It's been more than a month we are running it in production now. I just checked, we deployed a bit more than a thousand time with it, so 400k SSH connections over a month. IMO we're good :) |
😆 🚀 |
|
Merged. Thanks! 🙌 |
## [1.11.3][] (2016-09-16)
* Fix known_hosts caching to match on the entire hostlist
[PR #364](capistrano/sshkit#364) @byroot
## [1.11.2][] (2016-07-29)
### Bug fixes
* Fixed a crash occurring when `Host@keys` was set to a non-Enumerable.
@xavierholt [PR #360](capistrano/sshkit#360)
## [1.11.1][] (2016-06-17)
### Bug fixes
* Fixed a regression in 1.11.0 that would cause
`ArgumentError: invalid option(s): known_hosts` in some older versions of
net-ssh. @byroot [#357](capistrano/sshkit#357)
## [1.11.0][] (2016-06-14)
### Bug fixes
* Fixed colorized output alignment in Logger::Pretty. @xavierholt
[PR #349](capistrano/sshkit#349)
* Fixed a bug that prevented nested `with` calls
[#43](capistrano/sshkit#43)
### Other changes
* Known hosts lookup optimization is now enabled by default. @byroot
## 1.10.0 (2016-04-22)
* You can now opt-in to caching of SSH's known_hosts file for a speed boost
when deploying to a large fleet of servers. Refer to the
[README](https://github.com/capistrano/sshkit/tree/v1.10.0#known-hosts-caching) for
details. We plan to turn this on by default in a future version of SSHKit.
[PR #330](capistrano/sshkit#330) @byroot
* SSHKit now explicitly closes its pooled SSH connections when Ruby exits;
this fixes `zlib(finalizer): the stream was freed prematurely` warnings
[PR #343](capistrano/sshkit#343) @mattbrictson
* Allow command map entries (`SSHKit::CommandMap#[]`) to be Procs
[PR #310](capistrano/sshkit#310)
@mikz
## 1.9.0
**Refer to the 1.9.0.rc1 release notes for a full list of new features, fixes,
and potentially breaking changes since SSHKit 1.8.1.** There are no changes
since 1.9.0.rc1.
## 1.9.0.rc1
### Potentially breaking changes
* The SSHKit DSL is no longer automatically included when you `require` it.
**This means you must now explicitly `include SSHKit::DSL`.**
See [PR #219](capistrano/sshkit#219) for details.
@beatrichartz
* `SSHKit::Backend::Printer#test` now always returns true
[PR #312](capistrano/sshkit#312) @mikz
### New features
* `SSHKit::Formatter::Abstract` now accepts an optional Hash of options
[PR #308](capistrano/sshkit#308) @mattbrictson
* Add `SSHKit::Backend.current` so that Capistrano plugin authors can refactor
helper methods and still have easy access to the currently-executing Backend
without having to use global variables.
* Add `SSHKit.config.default_runner` options that allows to override default command runner.
This option also accepts a name of the custom runner class.
* The ConnectionPool has been rewritten in this release to be more efficient
and have a cleaner internal API. You can still completely disable the pool
by setting `SSHKit::Backend::Netssh.pool.idle_timeout = 0`.
@mattbrictson @byroot [PR #328](capistrano/sshkit#328)
### Bug fixes
* make sure working directory for commands is properly cleared after `within` blocks
[PR #307](capistrano/sshkit#307)
@steved
* display more accurate string for commands with spaces being output in `Formatter::Pretty`
[PR #304](capistrano/sshkit#304)
@steved
[PR #319](capistrano/sshkit#319) @mattbrictson
* Fix a race condition experienced in JRuby that could cause multi-server
deploys to fail. [PR #322](capistrano/sshkit#322)
@mattbrictson
3 participants
As discussed in #326 (comment)
Net::SSH re-parse the known_hosts files every time it needs to lookup for a known key.
This alternative implementation parse it once and for all, and cache the result.
NB: This is not complete yet, I need to also make
test_known_hosts_for_when_an_host_hash_is_recognizedpass.cc @mattbrictson @TiagoCardoso1983