Arvados

16796-arvbox-webshell @ a730ff3281e2a4eff04240e6233c9c13ac8fdbfb

• Add webshell service to arvbox
• Configures shellinabox PAM to accept arvados tokens
• Incorporates Javascript fixes from 16773-webshell-js so login is faster and more reliable
• Remove the "beta" tag from webshell

This is what I found:

• At file tools/arvbox/lib/arvbox/docker/service/webshell/run line 6 - I think we can exclude -x so that it doesn’t fill the screen with unnecessary output.
• Tried webshell on arvbox both running on dev and publicdev modes, and I couldn’t make it work:
  • I get a CORS error in the “dev” mode: Access to XMLHttpRequest at 'https://172.17.0.2:4202/172.17.0.2?' from origin 'https://172.17.0.2' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
  • And "connection refused" in the “publicdev” mode
• Related: Reading the User Guide to see if there was something to be done to make it work, I saw that at file doc/user/getting_started/vm-login-with-webshell.html.textile.liquid line 22 mentions the curoverse.com domain.

Lucas Di Pentima wrote:

This is what I found:

• At file tools/arvbox/lib/arvbox/docker/service/webshell/run line 6 - I think we can exclude -x so that it doesn’t fill the screen with unnecessary output.

That is supposed to go to the logs but was missing a logging redirection, fixed.

• Tried webshell on arvbox both running on dev and publicdev modes, and I couldn’t make it work:
  • I get a CORS error in the “dev” mode: Access to XMLHttpRequest at 'https://172.17.0.2:4202/172.17.0.2?' from origin 'https://172.17.0.2' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
  • And "connection refused" in the “publicdev” mode

I found a change I forgot to check in. Plase try again.

• Related: Reading the User Guide to see if there was something to be done to make it work, I saw that at file doc/user/getting_started/vm-login-with-webshell.html.textile.liquid line 22 mentions the curoverse.com domain.

Thanks, I remove the reference to support@curoverse.com and made a few documentation tweaks.

Now it works on dev mode, but not publicdev:

lucas@buster:~/arvados$ curl -k https://10.1.1.7:4202
curl: (7) Failed to connect to 10.1.1.7 port 4202: Connection refused

Seems that nginx conf needs fixing:

root@cfc31c6207e6:/etc/nginx# grep -nA 5 arvados-webshell /var/lib/arvados/nginx.conf
166:upstream arvados-webshell {
167-  server                localhost:4201;
168-}
169-server {
170-  listen                4202 ssl;
171:  server_name           arvados-webshell;
172-
173-  proxy_connect_timeout 90s;
174-  proxy_read_timeout    300s;
175-
176-  ssl                   on;
--
207:    proxy_pass          http://arvados-webshell;
208-  }
209-}
210-}
211-

With that, it LGTM.