Re: SSH access to CF app instances on Diego

Matthew Sykes <matthew.sykes@...>

Depends on your role and where your app is in the deployment pipeline. Most
of the scenarios I envisioned were for the tail end of development where
you need to poke around to debug and figure out those last few problems.

For example, Ryan Morgan was saying that the Cloud Foundry plugin for
eclipse is going to be using the ssh support in diego to enable debug of
application instances in the context of a buildpack deployed app. This is
aligned with other requirements I've heard from people working on dev tools.

As apps reach production, I would hope that interactive ssh is disabled
entirely on the prod space leaving only scp in source mode as an option
(something the proxy can do).

Between dev and prod, there's a spectrum, but in general, I either expect
access to be enabled or disabled - not enabled with a suicidal tendency.

On Thu, Jun 25, 2015 at 10:53 PM, Benjamin Black <bblack(a)> wrote:


could you elaborate a bit on what you believe ssh access to instances is


On Thu, Jun 25, 2015 at 9:29 PM, Matthew Sykes <matthew.sykes(a)>

My concern is the default behavior.

When I first prototyped this support in February, I never expected that
merely accessing a container would cause it to be terminated. As we can see
from Jan's response, it's completely unexpected; many others have the same

I do not believe that this behavior should be part of the default
configuration and I do believe the control needs to be at the space level.
I have have already expressed this opinion during Diego retros and at the
runtime PMC meeting.

I honestly believe that if we were talking about applying this behavior
to `bosh ssh` and `bosh scp`, few would even consider running in a 'kill on
taint mode' because of how useful it is. We should learn from that.

If this behavior becomes the default, I think our platform will be seen
as moving from opinionated to parochial. That would be unfortunate.

On Thu, Jun 25, 2015 at 6:05 PM, James Bayer <jbayer(a)> wrote:

you can turn the "restart tainted containers" feature off with
configuration if you are authorized to do so. then using scp to write files
into a container would be persisted for the lifetime of the container even
after the ssh session ends.

On Thu, Jun 25, 2015 at 5:50 PM, Jan Dubois <jand(a)>

On Thu, Jun 25, 2015 at 5:36 PM, Eric Malm <emalm(a)> wrote:
after executing a command, concluding an
interactive session, or copying a file into an instance, that
instance will
be restarted.
What is the purpose of being able to copy a file into an instance if
the instance is restarted as soon as the file has been received?

cf-dev mailing list

Thank you,

James Bayer

cf-dev mailing list

Matthew Sykes

cf-dev mailing list

cf-dev mailing list

Matthew Sykes

Join to automatically receive all group messages.