如何使用以ruby开头的SSM端口转发会话的结果? [英] How do I use the results of an SSM port forwarding session started with ruby?
问题描述
我在调和使用aws cli和ruby sdk建立与实例的ssm连接之间的差异时遇到麻烦.例如,如果我尝试使用如下命令:
I'm having trouble reconciling the differences between using the aws cli and the ruby sdk to make ssm connections to an instance. For example, if I try using the command like like this:
aws ssm start-session \
--target 'i-abc123' \
--document-name AWS-StartPortForwardingSession \
--parameters '{
"portNumber": ["3000"],
"localPortNumber": ["13000"]
}'
Starting session with SessionId: username-def456
Port 13000 opened for sessionId username-def456.
Waiting for connections...
Connection accepted for session [username-def456]
该工具将暂停,因为它将打开从目标实例上的端口3000到本地计算机上的端口13000的端口转发会话.然后,我可以在机器上打开Web浏览器并将其指向 http://localhost:13000
,以浏览在远程实例上运行的应用程序.另外,我可以查看AWS控制台UI并看到有活动会话,直到我按下Ctrl-C
the tool will pause as it opens up a port forwarding session from port 3000 on the destination instance to port 13000 on my local machine. I can then open up a web browser on my machine and point it at http://localhost:13000
to browse around an app running on the remote instance. Also, I can look at the AWS console UI and see that there's an active session until I Ctrl-C
我遇到的麻烦是当我尝试使用ruby sdk执行相同的操作时:
The trouble I'm having is when I try to use the ruby sdk to do the same thing:
result = ssm.start_session(
target: 'i-abc123',
document_name: 'AWS-StartPortForwardingSession',
parameters: {
'portNumber' => %w[3000],
'localPortNumber' => %w[13000]
}
)
result
对象是一个类似于以下内容的结构:
The result
object is a struct that looks like the following:
=> #<struct Aws::SSM::Types::StartSessionResponse
session_id="username-def456",
token_value="...",
stream_url="wss://ssmmessages.us-east-1.amazonaws.com/v1/data-channel/username-def456?
role=publish_subscribe">
同样,我在控制台UI中看到有一个活动会话.但是,如果尝试在计算机上浏览到 http://localhost:13000
,则浏览器将无法访问任何内容.如何使用生成的流URL和令牌实际创建与ec2实例的连接?
Again, I can see in the console UI that there is an active session. However, if I try to browse to http://localhost:13000
on my machine, the browser can't reach anything. How do I use the resulting stream url and token to actually create a connection to the ec2 instance?
其他详细信息:
- ruby sdk的核心宝石版本:3.109.2
- aws cli版本-aws-cli/2.1.16
- aws ssm代理版本-Amazon-ssm-agent-3.0.356.0-1.x86_64
推荐答案
从API中获得的回报是对Web套接字的引用.因此,您要么需要创建到本地侦听器代理的Web套接字,要么像aws cli实用程序一样使用session-manager-plugin.
What you get back from the API is a reference to a web socket. So you either need to create your own web socket to local listener proxy or use the session-manager-plugin as the aws cli utility does.
我最近想出了如何使用session-manager-plugin,下面的代码段是Python,但是应该很明显可以弄清楚它.
I recently figured out how to use the session-manager-plugin, the following snippet is Python but should be obvious enough to figure it out.
def start_aws_ssm_plugin(self, create_session_response, parameters, profile, region):
print('start_aws_ssm_plugin() called: ' + str( create_session_response))
arg0 = '"' + self.config.get_ssm_plugin() + '"'
arg1 = '"' + str(create_session_response).replace('\'', '\\"') + '"'
arg2 = region
arg3 = 'StartSession'
arg4 = profile
arg5 = '"' + str(parameters).replace('\'', '\\"') + '"'
arg6 = 'https://ssm.{region}.amazonaws.com'.format(region=region)
command = arg0 + ' ' + arg1 + ' ' + arg2 + ' ' + arg3 + ' ' + arg4 + ' ' + arg5 + ' ' + arg6
print(command)
# print('session-manager-plugin', arg1, arg2, arg3, arg4, arg5, arg6)
pid = subprocess.Popen(command).pid
return pid
# end def
(是的,这只是一个快速而肮脏的原型.;))
(And yes, this was just a quick and dirty prototype.;))
这篇关于如何使用以ruby开头的SSM端口转发会话的结果?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!