Unable to SSH to app container
Article ID: 297495
Updated On:
Products
VMware Tanzu Application Service for VMs
Issue/Introduction
Enabling 'Allow SSH access to app containers' in the TAS Ops Man tile and in CF returns that SSH is enabled; but when trying to connect, it returns an error that the connection is refused.
Resolution
The "*.ssh.<system-domain>" domain is likely being resolved to the Gorouters rather than the Diego brain. CF SSH uses port 2222 of the Diego brain to reach the ssh-proxy and the Gorouter does not listen on port 2222 so any connection attempt through the Gorouter will be refused. You can verify this by doing a ping of "ssh.<system-domain>" and grepping the IP used in "bosh vms".
The customer needs to update their DNS so that "*.ssh.<system-domain>" resolves to the IP pool for the Diego brains.
See here for details:
Feedback
Yes
No
Powered by
