Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

ssh coder workspace behind firewall #8505

Closed
@mile15myyahoo

Description

@mile15myyahoo

Hi,

we have the intention to connect to workspaces from our working laptops and this is somehow not working now.
Our coder is installed via helm on an private aks. The whole network is protected via Firewall.
I am able from the same machine to create, list, edit templates and push to coder. The same for workspaces only ssh into it does not work.

coder config-ssh is generating ssh config correctly .
We also discovered that even ping a workspace does nothing.
Are we missing something in our Firewall to allow the communication?

OpenSSH version = 8.2p1
Coder version = 0.23

Our general intention is to use vs coder remote extension to connect to the workspace.

Here a logs from ping command.

-13 18:54:44.876 [debu] wgengine: wg: [v2] Routine: receive incoming v4 - started
2023-07-13 18:54:44.881 [debu] wgengine: wg: [v2] Routine: receive incoming v6 - started
2023-07-13 18:54:44.883 [debu] wgengine: wg: [v2] Routine: receive incoming receiveDERP - started
2023-07-13 18:54:44.936 [debu] wgengine: netcheck: netcheck: UDP is blocked, trying HTTPS
2023-07-13 18:54:44.937 [debu] wgengine: netcheck: [v1] measureAllICMPLatency: listen ip4:icmp 0.0.0.0: socket: operation not permitted
2023-07-13 18:54:44.944 [debu] wgengine: netcheck: [v1] netcheck: measuring HTTPS latency of coder (999): no non-STUNOnly nodes for region 999 (coder)
2023-07-13 18:54:44.944 [debu] wgengine: netcheck: [v1] report: udp=false v4=false icmpv4=false v6=false v6os=true mapvarydest= hair= portmap= derp=0
2023-07-13 18:54:44.944 [debu] wgengine: magicsock: home is now derp-999 (coder)
2023-07-13 18:54:44.944 [debu] wgengine: magicsock: endpoints changed: 10.100.23.8:59192 (local)
2023-07-13 18:54:44.944 [debu] wireguard status status="&{AsOf:2023-07-13 18:54:44.944800851 +0000 UTC m=+1.182332004 Peers:[] LocalAddrs:[{Addr:10.100.23.8:59192 Type:local}] DERPs:0}" err=
2023-07-13 18:54:44.944 [debu] skipped sending node; no PreferredDERP node="&{ID:nodeid:778bfe4549b292d9 AsOf:2023-07-13 18:54:44.944848 +0000 UTC Key:nodekey:09ff95088e6d254ff2f9637ce255881013a7b64c6ecef1747f9127a3d404e709 DiscoKey:discokey:99060f7d005a5f8eb526920e075240f69ec76ebcd612dd6a2a82dbb8ca05926d PreferredDERP:0 DERPLatency:map[] DERPForcedWebsocket:map[] Addresses:[fd7a:115c:a1e0:4038:acf2:bb42:1e2f:37c2/128] AllowedIPs:[fd7a:115c:a1e0:4038:acf2:bb42:1e2f:37c2/128] Endpoints:[10.100.23.8:59192]}"
2023-07-13 18:54:44.945 [debu] wgengine: magicsock: adding connection to derp-999 for home-keep-alive
2023-07-13 18:54:44.945 [debu] wgengine: magicsock: 1 active derp conns: derp-999=cr0s,wr0s
2023-07-13 18:54:44.945 [debu] wireguard status status="&{AsOf:2023-07-13 18:54:44.945512559 +0000 UTC m=+1.183043812 Peers:[] LocalAddrs:[{Addr:10.100.23.8:59192 Type:local}] DERPs:1}" err=
2023-07-13 18:54:44.945 [debu] netinfo callback netinfo="NetInfo{varies= hairpin= ipv6=false ipv6os=true udp=false icmpv4=false derp=#999 portmap= link=""}"
2023-07-13 18:54:44.945 [debu] wgengine: derphttp.Client.Connect: connecting to derp-999 (coder)
2023-07-13 18:54:44.953 [debu] wgengine: derphttp.Client.Recv: connecting to derp-999 (coder)
2023-07-13 18:54:44.963 [debu] wgengine: magicsock: [0xc0005145a0] derp.Recv(derp-999): derphttp.Client.Recv connect to region 999 (coder): no non-STUNOnly nodes for region 999 (coder)
2023-07-13 18:54:44.963 [debu] wgengine: derp-999: [v1] backoff: 12 msec
2023-07-13 18:54:44.977 [debu] wgengine: derphttp.Client.Recv: connecting to derp-999 (coder)
2023-07-13 18:54:44.985 [debu] wgengine: magicsock: [0xc0005145a0] derp.Recv(derp-999): derphttp.Client.Recv connect to region 999 (coder): no non-STUNOnly nodes for region 999 (coder)
2023-07-13 18:54:44.985 [debu] wgengine: derp-999: [v1] backoff: 40 msec
2023-07-13 18:54:44.995 [debu] wgengine: netcheck: netcheck: UDP is blocked, trying HTTPS
2023-07-13 18:54:44.995 [debu] wgengine: netcheck: [v1] measureAllICMPLatency: listen ip4:icmp 0.0.0.0: socket: operation not permitted
2023-07-13 18:54:45.002 [debu] wgengine: netcheck: [v1] netcheck: measuring HTTPS latency of coder (999): no non-STUNOnly nodes for region 999 (coder)
2023-07-13 18:54:45.002 [debu] wgengine: netcheck: [v1] report: udp=false v4=false icmpv4=false v6=false v6os=true mapvarydest= hair= portmap= derp=0
2023-07-13 18:54:45.026 [debu] wgengine: derphttp.Client.Recv: connecting to derp-999 (coder)
2023-07-13 18:54:45.031 [debu] wgengine: magicsock: [0xc0005145a0] derp.Recv(derp-999): derphttp.Client.Recv connect to region 999 (coder): no non-STUNOnly nodes for region 999 (coder)
2023-07-13 18:54:45.031 [debu] wgengine: derp-999: [v1] backoff: 98 msec
2023-07-13 18:54:45.053 [debu] wgengine: netcheck: netcheck: UDP is blocked, trying HTTPS
2023-07-13 18:54:45.053 [debu] wgengine: netcheck: [v1] measureAllICMPLatency: listen ip4:icmp 0.0.0.0: socket: operation not permitted
2023-07-13 18:54:45.058 [debu] wgengine: netcheck: [v1] netcheck: measuring HTTPS latency of coder (999): no non-STUNOnly nodes for region 999 (coder)
2023-07-13 18:54:45.058 [debu] wgengine: netcheck: [v1] report: udp=false v4=false icmpv4=false v6=false v6os=true mapvarydest= hair= portmap= derp=0
2023-07-13 18:54:45.109 [debu] wgengine: netcheck: netcheck: UDP is blocked, trying HTTPS
2023-07-13 18:54:45.110 [debu] wgengine: netcheck: [v1] measureAllICMPLatency: listen ip4:icmp 0.0.0.0: socket: operation not permitted
2023-07-13 18:54:45.118 [debu] wgengine: netcheck: [v1] netcheck: measuring HTTPS latency of coder (999): no non-STUNOnly nodes for region 999 (coder)
2023-07-13 18:54:45.118 [debu] wgengine: netcheck: [v1] report: udp=false v4=false icmpv4=false v6=false v6os=true mapvarydest= hair= portmap= derp=0
2023-07-13 18:54:45.130 [debu] wgengine: derphttp.Client.Recv: connecting to derp-999 (coder)
2023-07-13 18:54:45.137 [debu] wgengine: magicsock: [0xc0005145a0] derp.Recv(derp-999): derphttp.Client.Recv connect to region 999 (coder): no non-STUNOnly nodes for region 999 (coder)
2023-07-13 18:54:45.137 [debu] wgengine: derp-999: [v1] backoff: 114 msec
2023-07-13 18:54:45.188 [debu] wgengine: netcheck: netcheck: UDP is blocked, trying HTTPS
2023-07-13 18:54:45.188 [debu] wgengine: netcheck: [v1] measureAllICMPLatency: listen ip4:icmp 0.0.0.0: socket: operation not permitted
2023-07-13 18:54:45.195 [debu] wgengine: netcheck: [v1] netcheck: measuring HTTPS latency of coder (999): no non-STUNOnly nodes for region 999 (coder)
2023-07-13 18:54:45.195 [debu] wgengine: netcheck: [v1] report: udp=false v4=false icmpv4=false v6=false v6os=true mapvarydest= hair= portmap= derp=0
2023-07-13 18:54:45.252 [debu] wgengine: derphttp.Client.Recv: connecting to derp-999 (coder)
2023-07-13 18:54:45.258 [debu] serving coordinator
2023-07-13 18:54:45.258 [debu] sending node node="&{ID:nodeid:778bfe4549b292d9 AsOf:2023-07-13 18:54:45.258494 +0000 UTC Key:nodekey:09ff95088e6d254ff2f9637ce255881013a7b64c6ecef1747f9127a3d404e709 DiscoKey:discokey:99060f7d005a5f8eb526920e075240f69ec76ebcd612dd6a2a82dbb8ca05926d PreferredDERP:999 DERPLatency:map[] DERPForcedWebsocket:map[] Addresses:[fd7a:115c:a1e0:4038:acf2:bb42:1e2f:37c2/128] AllowedIPs:[fd7a:115c:a1e0:4038:acf2:bb42:1e2f:37c2/128] Endpoints:[10.100.23.8:59192]}"
2023-07-13 18:54:45.259 [debu] wgengine: ping(fd7a:115c:a1e0:49d6:b259:b7ac:b1b2:48f4): no matching peer
2023-07-13 18:54:45.259 [debu] adding node node="&{ID:nodeid:2e74262f855452e3 AsOf:2023-07-13 18:54:02.058211 +0000 UTC Key:nodekey:4fd0965f4fe05035f36d5d9d2e8bd89dcf70d90048eef9159a083a38da311442 DiscoKey:discokey:a508bf019c3d64ccc3e39c868d38786587add336109f49c0aa28c0b0c57aea62 PreferredDERP:999 DERPLatency:map[999-v4:0.006563485] DERPForcedWebsocket:map[] Addresses:[fd7a:115c:a1e0:49d6:b259:b7ac:b1b2:48f4/128] AllowedIPs:[fd7a:115c:a1e0:49d6:b259:b7ac:b1b2:48f4/128] Endpoints:[20.71.194.194:21493 10.244.4.15:32808]}"
2023-07-13 18:54:45.260 [debu] wgengine: ping(fd7a:115c:a1e0:49d6:b259:b7ac:b1b2:48f4): no matching peer
2023-07-13 18:54:45.260 [debu] wgengine: magicsock: [0xc0005145a0] derp.Recv(derp-999): derphttp.Client.Recv connect to region 999 (coder): no non-STUNOnly nodes for region 999 (coder)
2023-07-13 18:54:45.260 [debu] wgengine: derp-999: [v1] backoff: 176 msec
2023-07-13 18:54:45.275 [debu] updating network map
2023-07-13 18:54:45.275 [debu] wgengine: [v1] magicsock: got updated network map; 1 peers
2023-07-13 18:54:45.275 [debu] netstack: [v2] netstack: registered IP fd7a:115c:a1e0:4038:acf2:bb42:1e2f:37c2/128
2023-07-13 18:54:45.275 [debu] wgengine: wgengine: Reconfig: configuring userspace WireGuard config (with 0/1 peers)
2023-07-13 18:54:45.275 [debu] wgengine: wg: [v2] UAPI: Updating private key
2023-07-13 18:54:45.275 [debu] wgengine: wgengine: Reconfig: configuring router
2023-07-13 18:54:45.275 [debu] wgengine: [v1] warning: fakeRouter.Set: not implemented.
2023-07-13 18:54:45.275 [debu] wgengine: wgengine: Reconfig: configuring DNS
2023-07-13 18:54:45.275 [debu] wgengine: dns: Set: {DefaultResolvers:[] Routes:{} SearchDomains:[] Hosts:0}
2023-07-13 18:54:45.275 [debu] wgengine: dns: Resolvercfg: {Routes:{} Hosts:0 LocalDomains:[], cloud="azure"}
2023-07-13 18:54:45.275 [debu] wgengine: dns: OScfg: {Nameservers:[] SearchDomains:[] MatchDomains:[] Hosts:[]}
2023-07-13 18:54:45.275 [debu] wgengine: [v1] wgengine: Reconfig done
2023-07-13 18:54:45.311 [debu] wgengine: netcheck: netcheck: UDP is blocked, trying HTTPS
2023-07-13 18:54:45.312 [debu] wgengine: netcheck: [v1] measureAllICMPLatency: listen ip4:icmp 0.0.0.0: socket: operation not permitted

Thanks in advance

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions

      [8]ページ先頭
      ©2009-2025 Movatter.jp