[Buildbot-devel] slave connection over ssl possible?
Andy Howell
AndyHowell at austin.rr.com
Wed Oct 7 14:02:52 UTC 2009
Marcus Lindblom wrote:
> Andy Howell wrote:
>> Marcus Lindblom wrote:
>>> Andy Howell wrote:
>>>> Hello,
>>>>
>>>> Is is possible to setup buildbot slaves to create an encrypted session to the master?
>>> Not out-of-the-box, I think.
>>>
>>> However, you could always setup an SSH-tunnel to the buildmaster host
>>> yourself first, then have the buildslave work through that.
>>>
>>> Hope it helps,
>>>
>>> /Marcus
>>>
>> Marcus,
>>
>> Thanks, I may go that route. I've been going through the code trying to see how to works.
>> Looks like the master side should work by specifying a port specification like:
>>
>> ssl:9989:privateKey=myket.pem:certKey=mycert.pem
>>
>> I think the slave side needs some changes to make this work, as it explicitly opens
>> TCPClient in buildbot/slave/bot.py. I've hacked that a bit, replace that call with a
>> ClientConnectionFactory and SSSClinet, but its not working yet. Still trying to understand
>> how twisted and buildbot work :)
>
> I was more thinking that you'd keep ssh out of buildbot completely, and
> manually ssh from client to master setting up a port-forwarding from
> master to client and connect client to a port on its localhost that is
> tunneled to the master's slave port.
>
> i.e. slave -> localport -> sshclient -> sshdaemon -> masterport -> master.
>
> That would allow you to use ssh without changing buildbot at all.
>
> Hope it makes sense.
Marcus,
That makes sense. I've that while traveling to tunnel into my network. I've found that
ssh can hang or drop the connection fairly regularly. For a long running application like
a buildbot slave, that could make reliability an issue.
Thanks,
Andy
More information about the devel
mailing list