![]() And like us Linux users sometimes do, I decided to ask the community what the easiest way to do this is, so I hopped on the #linux (freenode) IRC channel. This greatly reduces the surface attack area for your secure network (and servers).Ī couple of weeks ago, I was getting frustrated with what I thought was the de facto way to connect through a jumpbox. You would have access to your jumpbox, and your jumpbox would have access to your secure network. This is where the jumpbox would come into play. That’s all fine and well, but typically if you’re connecting through the public internet you wouldn’t have access to your protected server(s). ![]() When provisioning or setting up your Linux servers in your data center, your favorite cloud service provider, or under your desk it is a common practice to add your SSH public key to authorized keys on the destination server. To SSH to a server through a jumpbox, you can use ssh -J The longer version Typically, you may have what is commonly referred to as a “jumpbox”, which is accessible from a public network (sometimes this jumpbox would be in a DMZ). Worst case scenario, if my entire desktop or laptop blows chunks, I can still just remote into my jump box and keep right on working.This is a common pattern: You have a protected server (or servers) that aren’t publicly accessible. I get way less nervous about updates to my client machine when I know that the only stuff installed there is productivity applications. Jump boxes were a big part of what enabled me to switch from Windows to Mac over a decade ago and continue to work happily there today. When your Recovery Time Objective is measured in minutes, you can’t afford to be waiting for a jump box. I’m personally a fan of a jump box for every single admin – that way if somebody hoses up their own jump box with a crappy installation or they want to reboot to fix something, it doesn’t break anyone else’s productivity. When disaster strikes, if there’s only one jump box VM available, knife fights will break out for who’s able to log in. A jump box means you only have to get onto your company’s VPN, then remote desktop into your jump box, and you’re right at home. Disasters are carefully timed to strike when you’re at your parents’ house, when somebody else was supposed to be on call, and when you didn’t bring your laptop with you. ![]() Not only does this come in handy for long-running queries, but also for emergency troubleshooting. Install your tools there, the client for your monitoring software, SentryOne Plan Explorer, etc. What you want instead is a jump box or jump server: a virtual machine that lives where your servers live, so you don’t have to worry about uptime or connectivity. Thank goodness nothing like that has ever happened in a production environment. You’re going to be tempted to remote desktop directly into the SQL Server itself and run the query there.ĭid I ever tell you about the time a training class student started a long query, then came back to find that it had returned millions of rows, blew up SSMS’s memory, ended up filling the drive, and causing the VM to crash? That was awesome. You’re going to want to make sure that it succeeds and that you can see the full output – even if your workstation disconnects – or maybe you want to check the status from home later. Every now and then, you’re going to need to run a query that takes a long time.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |