@f2ked:matrix.org | Re: [posix-log-streaming](https://zuul-ci.org/docs/zuul/latest/operation.html#posix-log-streaming) is there any plan to support "job nodes" behind NATs and not requiring a fixed port at `19885` | 14:55 |
---|---|---|
@clarkb:matrix.org | > <@f2ked:matrix.org> Re: [posix-log-streaming](https://zuul-ci.org/docs/zuul/latest/operation.html#posix-log-streaming) is there any plan to support "job nodes" behind NATs and not requiring a fixed port at `19885` | 15:07 |
The executors run a finger gateway (proxy essentially) on a known port (I think 7900). Then you can put the executors behind the NAT and and set them to the same zone as the test nodes so executor and test nodes don't communicate via NAT. Then you only need the executor to have a public IP or port forwards or however you want to solve it | ||
@f2ked:matrix.org | sadly, they are all different NATs, I have the executor NAT solved (using `socat`), but that works because I can program it (`executor.finger_port`), but I can't do this with the job nodes :( | 21:22 |
@clarkb:matrix.org | you can run one executor per private network. | 21:28 |
@clarkb:matrix.org | but you do need some way of mapping the executor to the nodes. I think with openstack you can specify the ntework per provider then have a separate provider in nodepool for each one. Then the executor is mapped to each one | 21:28 |
@f2ked:matrix.org | sadly I cannot configure this scenario :( | 21:32 |
@mordred:waterwanders.com | several years ago I did some work which we could never quite get across the finish line to tunnel the logging connection over the ansible ssh connection. a few other people have taken passes at that and similarly not gotten it fully working. | 22:02 |
@f2ked:matrix.org | I think if one could define `finger_port` in the meta-data of the node (nodepool), executor could use that.. right? | 22:35 |
Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!