Implement SSH tunnels between client and podman server

* client currently forks ssh client pending finding a well maintained ssh library for python. Including support for AF_UNIX forwarding. Signed-off-by: Jhon Honce <jhonce@redhat.com>
2025-09-16 22:34:51 +08:00 · 2018-06-18 20:33:20 -07:00
parent f228cf73e0
commit 7ea95a6afa
5 changed files with 289 additions and 35 deletions
--- a/contrib/python/test/test_runner.sh
+++ b/contrib/python/test/test_runner.sh
@ -13,13 +13,18 @@ if [[ ! -x ../../bin/podman ]]; then
 fi
 export PATH=../../bin:$PATH

+function usage {
+  echo 1>&2 $0 [-v] [-h] [test.TestCase|test.TestCase.step]
+}
+
 while getopts "vh" arg; do
  case $arg in
    v ) VERBOSE='-v' ;;
-    h ) echo >2 $0 [-v] [-h] [test.TestCase|test.TestCase.step] ; exit 2 ;;
+    h ) usage ; exit 0;;
+    \? ) usage ; exit 2;;
  esac
 done
-shift $((OPTIND-1))
+shift $((OPTIND -1))

 function cleanup {
  # aggressive cleanup as tests may crash leaving crap around
@ -49,7 +54,7 @@ EOT
 }

 # Need locations to store stuff
-mkdir -p ${TMPDIR}/{podman,crio,crio-run,cni/net.d,ctnr}
+mkdir -p ${TMPDIR}/{podman,crio,crio-run,cni/net.d,ctnr,tunnel}

 # Cannot be done in python unittest fixtures.  EnvVar not picked up.
 export REGISTRIES_CONFIG_PATH=${TMPDIR}/registry.conf
@ -102,11 +107,14 @@ ENTRYPOINT ["/tmp/hello.sh"]
 EOT

 export PODMAN_HOST="unix:${TMPDIR}/podman/io.projectatomic.podman"
-PODMAN_ARGS="--storage-driver=vfs\
-  --root=${TMPDIR}/crio\
-  --runroot=${TMPDIR}/crio-run\
-  --cni-config-dir=$CNI_CONFIG_PATH\
+PODMAN_ARGS="--storage-driver=vfs \
+  --root=${TMPDIR}/crio \
+  --runroot=${TMPDIR}/crio-run \
+  --cni-config-dir=$CNI_CONFIG_PATH \
  "
+if [[ -n $VERBOSE ]]; then
+  PODMAN_ARGS="$PODMAN_ARGS --log-level=debug"
+fi
 PODMAN="podman $PODMAN_ARGS"

 # document what we're about to do...
--- a/contrib/python/test/test_system.py
+++ b/contrib/python/test/test_system.py
@ -1,14 +1,15 @@
 import os
 import unittest
-
-import varlink
+from urllib.parse import urlparse

 import podman
+import varlink


 class TestSystem(unittest.TestCase):
    def setUp(self):
        self.host = os.environ['PODMAN_HOST']
+        self.tmpdir = os.environ['TMPDIR']

    def tearDown(self):
        pass
@ -22,6 +23,18 @@ class TestSystem(unittest.TestCase):
        with podman.Client(self.host) as pclient:
            self.assertTrue(pclient.system.ping())

+    def test_remote_ping(self):
+        host = urlparse(self.host)
+        remote_uri = 'ssh://root@localhost/{}'.format(host.path)
+
+        local_uri = 'unix:{}/tunnel/podman.sock'.format(self.tmpdir)
+        with podman.Client(
+                uri=local_uri,
+                remote_uri=remote_uri,
+                identity_file=os.path.expanduser('~/.ssh/id_rsa'),
+        ) as pclient:
+            pclient.system.ping()
+
    def test_versions(self):
        with podman.Client(self.host) as pclient:
            # Values change with each build so we cannot test too much