Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/build/cmd/coordinator: ssh gomote proxy should support Windows buildlets #21150

Closed
bradfitz opened this issue Jul 24, 2017 · 8 comments
Closed

x/build/cmd/coordinator: ssh gomote proxy should support Windows buildlets #21150

bradfitz opened this issue Jul 24, 2017 · 8 comments
Labels
Builders x/build issues (builders, bots, dashboards) FrozenDueToAge help wanted NeedsFix The path to resolution is known, but the work has not been done. OS-Windows
Milestone
Unreleased

Comments

@bradfitz
Copy link
Contributor

As of https://golang.org/cl/50750 the build coordinator has an ssh server to proxy to buildlets. (That was bug #19956)

We have Unix (ssh->ssh) and Plan 9 (ssh->drawterm) support, but no Windows story.

How do we get a "shell" (cmd.exe session) on a remote Windows machine?

https://technet.microsoft.com/en-us/library/cc732046(v=ws.10).aspx suggests there's a Windows Telnet Server.

Telnet would be perfect. We're already running in an isolated network, so internal security isn't important. The ssh server will still be secure to the public.

@johnsonj, without modifying all our Windows images, is there a programmatic way for the buildlet binaries to enable the Telnet server at runtime?
@gopherbot gopherbot added this to the Unreleased milestone Jul 24, 2017
@gopherbot gopherbot added the Builders x/build issues (builders, bots, dashboards) label Jul 24, 2017
@bradfitz bradfitz added help wanted NeedsFix The path to resolution is known, but the work has not been done. OS-Windows and removed Builders x/build issues (builders, bots, dashboards) labels Jul 24, 2017
@gopherbot gopherbot added the Builders x/build issues (builders, bots, dashboards) label Jul 24, 2017
@johnsonj
Copy link
Contributor

The feature needs to be enabled and service needs to be set to start (or disabled and manually started)

Install-WindowsFeature -Name 'Telnet-Server'
Set-Service -Name 'TlntSvr' -StartupType 'Automatic'

It may be tricky to run this powershell from buildlet.exe. I can add this to sysprep1.ps1 and build a new version of the windows images easily. Only one builder type isn't build off of these images today (windows-386-gce).

@bradfitz
Copy link
Contributor Author

Excellent, thanks.

I wouldn't worry about windows-386-gce. That builder needs to die once we get the 2008, 2012, and 2016 ones booting to buildlet reliably.

Rebuilding the images works.

Feel free to do that whenever you'd like, if there's no way to run the powershell from buildlet.exe. We can't just run net start TlntSvr ?

@bradfitz
Copy link
Contributor Author

Guess not:

$ gomote run -system user-bradfitz-windows-amd64-2008-0 net start TlntSvr
The service name is invalid.

More help is available by typing NET HELPMSG 2185.

Error running run: exit status 2

And MSDN docs say:

$ gomote run -system user-bradfitz-windows-amd64-2008-0 net start telnet
The service name is invalid.

More help is available by typing NET HELPMSG 2185.

Error running run: exit status 2

So I guess the code is there but not enabled to be enabled?

@bradfitz
Copy link
Contributor Author

Oh, there's also the sc command to interact with services. No luck so far there.

@bradfitz
Copy link
Contributor Author

Notes on disabling NTLM auth later:
https://www.petri.com/enable_telnet_on_windows_2003

@gopherbot
Copy link

CL https://golang.org/cl/50954 mentions this issue.

gopherbot pushed a commit to golang/build that referenced this issue Jul 27, 2017
@johnsonj @bradfitz
env/windows: enable telnet access
b5d433a 
- Login/password is now: gopher / gopher. Now when you `./rdp` you will
  see the actual auto-started buildlet because you're joining the same
  session.
- Enable telnet service in sysprep/startup
- Update tooling to use all internal IPs for access
- Create a telnet script to access builders
- Disavle some unwanted services
- Perform all provisioning in a startup script. The sysprep step was not
  necessary.
- Roll image version number

Related: golang/go#21150

Change-Id: I3ed0b1e992b30801a6bb14b4a6df83a326c22ef6
Reviewed-on: https://go-review.googlesource.com/50954
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
@gopherbot
Copy link

Change https://golang.org/cl/51911 mentions this issue: dashboard, cmd/coordinator: switch to Windows images with ssh instead of telnet

@gopherbot
Copy link

Change https://golang.org/cl/51831 mentions this issue: env/windows: add ssh to builders instead of telnet

gopherbot pushed a commit to golang/build that referenced this issue Jul 30, 2017
@johnsonj @bradfitz
env/windows: add ssh to builders instead of telnet
a26b589 
Telnet is removed from Server 2016. Consistent SSH seems like more fun.

Updates golang/go#21150

Change-Id: I4d1fc853f705b85e46392beb4e1232961ac9e2cd
Reviewed-on: https://go-review.googlesource.com/51831
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
@golang golang locked and limited conversation to collaborators Jul 30, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Builders x/build issues (builders, bots, dashboards) FrozenDueToAge help wanted NeedsFix The path to resolution is known, but the work has not been done. OS-Windows
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
3 participants
@bradfitz @johnsonj @gopherbot