Tunneling to Production

One of the great features of SSH is its ability to tunnel any port to a remote server. I’ve used this SSH command often to connect to a production database:

$ ssh -N -L 27018:localhost:27017 example.com

That SSH command takes all traffic to port 27018 on your local host and tunnels it to 27017 on the remote server.

If you rarely use this command, it’s easy to forget it. So why not create the tunnel directly in the scripts that need it using net-ssh-gateway? We’ve been using this on Gaug.es and it works great.

require 'net/ssh/gateway'

gateway = Net::SSH::Gateway.new(host, username)
gateway.open('127.0.0.1', 27017, 27018)

db = Mongo::Connection.new('127.0.0.1', 27018).db('myapp_production')
# …

ssh and tidbit December 01, 2011

3 Comments

Damien December 1, 2011

That’s a very bad habit to get. It leads to things like this : https://github.com/blog/744-today-s-outage

Better fork the database and import it locally.

Brandon Keepers December 1, 2011

Damien: that is one of the reasons we starting using this technique. We only connect to a read-only slave, so we don’t have to worry about destroying any data.

DGM December 1, 2011

It also could be useful to connect to staging or testing servers that are on a remote network…

Damien December 1, 2011

That’s a very bad habit to get. It leads to things like this : https://github.com/blog/744-today-s-outage

Better fork the database and import it locally.
Brandon Keepers December 1, 2011

Damien: that is one of the reasons we starting using this technique. We only connect to a read-only slave, so we don’t have to worry about destroying any data.
DGM December 1, 2011

It also could be useful to connect to staging or testing servers that are on a remote network…

opensoul.org

Tunneling to Production

3 Comments

Post a Comment

Popular Posts