Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

az network bastion tunnel - Localhost tunnel only - Add ability to listen on IP or Any IP address. #4568

Open
Hyper200 opened this issue Mar 24, 2022 · 12 comments
Open

az network bastion tunnel - Localhost tunnel only - Add ability to listen on IP or Any IP address. #4568

Hyper200 opened this issue Mar 24, 2022 · 12 comments
Labels
Auto-Assign Auto assign by bot customer-reported Issues that are reported by GitHub users external to the Azure organization. feature-request This issue requires a new behavior in the product in order be resolved. needs-team-attention This issue needs attention from Azure service team or SDK team Network - Bastion Network Service Attention This issue is responsible by Azure service team.
Milestone
Backlog

Comments

@Hyper200
Copy link

Hyper200 commented Mar 24, 2022
edited
Loading

  • If the issue is to do with Azure CLI 2.0 in-particular, create an issue here at Azure/azure-cli

This is autogenerated. Please review and update as needed.

Describe the bug

Command Name
az network bastion tunnel

Errors:

The command failed with an unexpected error. Here is the traceback:
invalid literal for int() with base 10: '0.0.0.0:54321'
Traceback (most recent call last):
  File "/opt/az/lib/python3.8/site-packages/knack/cli.py", line 231, in invoke
    cmd_result = self.invocation.execute(args)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 658, in execute
    raise ex
  File "/opt/az/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 721, in _run_jobs_serially
    results.append(self._run_job(expanded_arg, cmd_copy))
  File "/opt/az/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 692, in _run_job
    result = cmd_copy(params)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 328, in __call__
    return self.handler(*args, **kwargs)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler
    return op(**command_args)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/command_modules/network/custom.py", line 8212, in create_bastion_tunnel
    tunnel_server = get_tunnel(cmd, resource_group_name, bastion_host_name, target_resource_id, resource_port, port)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/command_modules/network/custom.py", line 8198, in get_tunnel
    tunnel_server = TunnelServer(cmd.cli_ctx, 'localhost', port, bastion, vm_id, resource_port)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/command_modules/network/tunnel.py", line 43, in __init__
    self.local_port = int(local_port)
ValueError: invalid literal for int() with base 10: '0.0.0.0:54321'

To Reproduce:

Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.

  • Put any pre-requisite steps here...
  • az network bastion tunnel --name bas-defra-prod-uks-01 --resource-group RG-UKS-DEFRA-PROD-01 --target-resource-id ########## --resource-port "3389" --port "0.0.0.0:54321"

Expected Behavior

Environment Summary

Linux-5.10.60.1-microsoft-standard-WSL2-x86_64-with-glibc2.29, Ubuntu 20.04.3 LTS
Python 3.8.12
Installer: DEB

azure-cli 2.34.1

Extensions:
azure-firewall 0.3.0
image-copy-extension 0.2.8

Dependencies:
msal 1.16.0
azure-mgmt-resource 20.0.0

Additional Context

I use azure cli via WSL in ubuntu, unfortunately the following command does not work

az network bastion tunnel --name bas-defra-prod-uks-01 --resource-group RG-UKS-DEFRA-PROD-01 --target-resource-id --resource-port "3389" --port "0.0.0.0:54321

Presumable this is because it is expecting a port only, the issue here is i want to use the RDP client on windows, which would go via the tunnel in wsl via the WSL IP.

The --port by default will listen on localhost only, can this be updated to allow to set an IP address as shown in the exmaple above? as this allows for WSL port forwarding.

Thanks,

Joe.
@ghost ghost added question The issue doesn't require a change to the product in order to be resolved. Most issues start as that customer-reported Issues that are reported by GitHub users external to the Azure organization. Network labels Mar 24, 2022
@ghost ghost added this to the Backlog milestone Mar 24, 2022
@ghost ghost assigned kairu-ms Mar 24, 2022
@ghost ghost added the Auto-Assign Auto assign by bot label Mar 24, 2022
@yonzhan yonzhan added Network - Bastion CXP Attention This issue is handled by CXP team. and removed question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Mar 25, 2022
@ghost
Copy link

ghost commented Mar 25, 2022

Thank you for your feedback. This has been routed to the support team for assistance.

@yonzhan
Copy link
Collaborator

yonzhan commented Mar 25, 2022

route to CXP team

@georgewfisher
Copy link

@yonzhan Any updates on this issue?

@yonzhan
Copy link
Collaborator

yonzhan commented Apr 26, 2022

bastion service team should take a look

@navba-MSFT navba-MSFT assigned navba-MSFT and unassigned kairu-ms May 4, 2022
@navba-MSFT navba-MSFT added the feature-request This issue requires a new behavior in the product in order be resolved. label May 4, 2022
@navba-MSFT
Copy link
Contributor

@Hyper200 Apologies for the late reply. Thanks for reaching out to us and reporting this issue. I am looking into this ask. I will get back to you once I have more Information on this.

@navba-MSFT
Copy link
Contributor

@Hyper200 Unfortunately, At this time we only allow the port to be a local host port which wouldn’t allow how it’s specified. Alternatively you can do this tunnel and then forward the port to the address you want to. Hope this helps.

@Hyper200
Copy link
Author

Hyper200 commented May 9, 2022

Can we re-open this please?

You can't use a tunnel on WSL because you must listen on 0.0.0.0 for it to be accessable via Windows whilst the ubuntu instance is running the command.

@navba-MSFT navba-MSFT reopened this May 9, 2022
@navba-MSFT navba-MSFT added Service Attention This issue is responsible by Azure service team. and removed CXP Attention This issue is handled by CXP team. labels May 12, 2022
@navba-MSFT navba-MSFT removed their assignment May 12, 2022
@ghost
Copy link

ghost commented May 12, 2022

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @aznetsuppgithub.

Issue Details
  • If the issue is to do with Azure CLI 2.0 in-particular, create an issue here at Azure/azure-cli

This is autogenerated. Please review and update as needed.

Describe the bug

Command Name
az network bastion tunnel

Errors:

The command failed with an unexpected error. Here is the traceback:
invalid literal for int() with base 10: '0.0.0.0:54321'
Traceback (most recent call last):
  File "/opt/az/lib/python3.8/site-packages/knack/cli.py", line 231, in invoke
    cmd_result = self.invocation.execute(args)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 658, in execute
    raise ex
  File "/opt/az/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 721, in _run_jobs_serially
    results.append(self._run_job(expanded_arg, cmd_copy))
  File "/opt/az/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 692, in _run_job
    result = cmd_copy(params)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/core/commands/__init__.py", line 328, in __call__
    return self.handler(*args, **kwargs)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/core/commands/command_operation.py", line 121, in handler
    return op(**command_args)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/command_modules/network/custom.py", line 8212, in create_bastion_tunnel
    tunnel_server = get_tunnel(cmd, resource_group_name, bastion_host_name, target_resource_id, resource_port, port)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/command_modules/network/custom.py", line 8198, in get_tunnel
    tunnel_server = TunnelServer(cmd.cli_ctx, 'localhost', port, bastion, vm_id, resource_port)
  File "/opt/az/lib/python3.8/site-packages/azure/cli/command_modules/network/tunnel.py", line 43, in __init__
    self.local_port = int(local_port)
ValueError: invalid literal for int() with base 10: '0.0.0.0:54321'

To Reproduce:

Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.

  • Put any pre-requisite steps here...
  • az network bastion tunnel --name bas-defra-prod-uks-01 --resource-group RG-UKS-DEFRA-PROD-01 --target-resource-id ########## --resource-port "3389" --port "0.0.0.0:54321"

Expected Behavior

Environment Summary

Linux-5.10.60.1-microsoft-standard-WSL2-x86_64-with-glibc2.29, Ubuntu 20.04.3 LTS
Python 3.8.12
Installer: DEB

azure-cli 2.34.1

Extensions:
azure-firewall 0.3.0
image-copy-extension 0.2.8

Dependencies:
msal 1.16.0
azure-mgmt-resource 20.0.0

Additional Context

I use azure cli via WSL in ubuntu, unfortunately the following command does not work

az network bastion tunnel --name bas-defra-prod-uks-01 --resource-group RG-UKS-DEFRA-PROD-01 --target-resource-id --resource-port "3389" --port "0.0.0.0:54321

Presumable this is because it is expecting a port only, the issue here is i want to use the RDP client on windows, which would go via the tunnel in wsl via the WSL IP.

The --port by default will listen on localhost only, can this be updated to allow to set an IP address as shown in the exmaple above? as this allows for WSL port forwarding.

Thanks,

Joe.

Author: Hyper200
Assignees: navba-MSFT
Labels:

customer-reported, Network, Service Attention, feature-request, Network - Bastion, Auto-Assign
Milestone: Backlog

@navba-MSFT
Copy link
Contributor

@Hyper200 I am adding Service Team to look into this issue.

@aznetsuppgithub Could you please look into this as and provide an update once you get a chance ? Awaiting your reply.

@navba-MSFT navba-MSFT added the needs-team-attention This issue needs attention from Azure service team or SDK team label May 12, 2022
@navba-MSFT
Copy link
Contributor

@Hyper200 I have heard back from the Product Owners that they don’t think they have this feature scheduled yet, but they can certainly look into it. In the meantime, would you be able to use the native client’s rdp connectivity? I was able to verify that it works from a WSL session with one of my test VMs. Awaiting your reply.

@navba-MSFT navba-MSFT added needs-author-feedback More information is needed from author to address the issue. and removed needs-team-attention This issue needs attention from Azure service team or SDK team labels May 25, 2022
@ghost ghost added the no-recent-activity There has been no recent activity on this issue. label Jun 1, 2022
@ghost
Copy link

ghost commented Jun 1, 2022

Hi, we're sending this friendly reminder because we haven't heard back from you in a while. We need more information about this issue to help address it. Please be sure to give us your input within the next 7 days. If we don't hear back from you within 14 days of this comment the issue will be automatically closed. Thank you!

@Hyper200
Copy link
Author

Hyper200 commented Jun 1, 2022

Hi @navba-MSFT

I'm not entirly sure what the native RDP from wsl via Azure CLI is but i'll go and do some digging and see. I have a work around in that i just use the azure CLI from the windows machine and use RDP on that, but i would rather keep my configurations from WSL where possiable.

@ghost ghost added needs-team-attention This issue needs attention from Azure service team or SDK team and removed needs-author-feedback More information is needed from author to address the issue. no-recent-activity There has been no recent activity on this issue. labels Jun 1, 2022
fengxx added a commit to fengxx/azure-cli-extensions that referenced this issue Jan 18, 2024
@fengxx
fix Azure#4568, allow user to set tunnel bind address
633a881
fengxx added a commit to fengxx/azure-cli-extensions that referenced this issue Jan 18, 2024
@fengxx
fix Azure#4568, allow user to set tunnel bind address via --bind-host
b5f82d3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Auto-Assign Auto assign by bot customer-reported Issues that are reported by GitHub users external to the Azure organization. feature-request This issue requires a new behavior in the product in order be resolved. needs-team-attention This issue needs attention from Azure service team or SDK team Network - Bastion Network Service Attention This issue is responsible by Azure service team.
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
5 participants
@georgewfisher @Hyper200 @yonzhan @navba-MSFT @kairu-ms