Arvados

Currently, the "container shell" port forwarding feature only works on containers with network access enabled via RuntimeConstraints: {API: true} (aside: it is possible for crunch-run to enable the required networking features on the fly to make it work on containers with API: false but this is not yet implemented).

When the container does not have networking enabled, "arvados-client shell {uuid} -L1234:localhost:1234" at first appears to work (it doesn't complain or fail), but when a client tries to use this connection, mysterious error messages appear:

(on client host)

$ go tool pprof -http :6060 http://localhost:6000/debug/pprof/goroutine
Fetching profile over HTTP from http://localhost:6000/debug/pprof/goroutine
http://localhost:6000/debug/pprof/goroutine: Get "http://localhost:6000/debug/pprof/goroutine": EOF

(in arvados-client shell session)

channel 3: bad ext data

In this situation where port forwarding isn't supported, the SSH server should print a message on the client's stderr when first setting up the SSH connection with port forwarding enabled, and/or print a more helpful message on the client's stderr when attempting to connect to the forwarded port.