I created an app with --network set but I couldn’t ssh console into it. Could anyone help?
Steps to reproduce:
My goal is to create an isolated network for the app while I’m still able to fly ssh console into it. I wonder whether that is possible.
Thanks,
Owen
Hi… @jgodoy-fc posted a work-around for this, although it’s a fair amount of effort.
Alternatively, if you just want a non-interactive command, without stdin/stdout streaming or a lot of output, fly m exec can handle that right out of the box.
Hope this helps a little!
ssh console only supports the default network. For other networks you have to use fly ssh issue and establish the SSH connection via ssh (instead of fly ssh) after connecting to WireGuard VPN:
eval `ssh-agent`
fly ssh issue $FLY_ORG_NAME --agent --hours 1
ssh fdaa:7:17d5:a7b:ae:319e:f4e6:2
I connected to the wireguard network but I couldn’t ssh into the machine:
$ ssh fdaa:8:2ddd:a7b:7f08:5d42:9262:2
ssh: connect to host fdaa:8:2ddd:a7b:7f08:5d42:9262:2 port 22: No route to host
Did you create the WireGuard peer in network myapp-123? (fly wg create won’t work because it uses the default network).
fly wg create has no options to specify network:
fly wireguard create -h
Add a WireGuard peer connection to an organization
Usage:
flyctl wireguard create [org] [region] [name] [file] [flags]
Flags:
-h, --help help for create
Global Flags:
-t, --access-token string Fly API Access Token
--debug Print additional logs and traces
--verbose Verbose output
That’s right. You have to create the WG peer using the API (see Create app & add WireGuard peer via API and WireGuard peer on custom network). With the output of the API call, you can edit the wg conf.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.