Recently, my group has experienced an influx in requests to remotely connect to the cluster with their local VSCode environment. When the login nodes do not provide enough resources, what methods are people advising their users?
From my own investigation, I’ve found the Remote - Tunnels VSCode extension as a straightforward solution. This utilizes personal GitHub accounts to authenticate.
I’ve also stumbled across a method from CalTech manually setting .ssh and creating a bash script to establish a tunnel; and an approach using vscode-server from University of Sheffield.
1 Like
I’m not sure what the issue with using VS Code is other than the disk space needed in the home directory. I use the Remote Explorer extension and symlink the .vscode-server (and/or .vscode-server-insiders). I know there’s been some debate about this, but I don’t think this really is that much of a stain on the login node unless the users are doing things like running a Juptyer Notebook through VS Code.
Is this more about figuring out how to run their VS Code on a compute node? Which would require the tunneling you mention (similar to how you might have them run a VNC server on a compute node and tunnel to let direct access to the compute node). When I was Ga Tech, there was a script that handled most of the work of setting up the tunnel for VNC and Jupyter sessions.
However, it might be more effective and less painful to see about deploying VSCode on Open OnDemand. Install Other Interactive Apps — Open OnDemand 3.0.0 documentation
VSCode Remote SSH (or any of their remote offerings) perform just about every operation (file ops, debuggers, formatting, linting, Jupyter) on the remote host. So if the ratio of users to login node resources is high, it can cause service disruptions on the login node.
I will second Remote Tunnels, I’ve found it quite nice and straightforward to use. I’ll caution that there are potential security implications because, while it is end-to-end encrypted, traffic is routed through an Azure service. I’d be cautious about accessing PHI/HIPAA data over that link without an appropriate security review. See the Tunnels Security FAQ entry for more information.
For the sake of completeness, here is an issue I posted on the VSCode Remote tracker about 3.5 years ago about this very subject. Some folks came up with clever ideas for getting Remote SSH jobs on compute nodes. For me, Tunnels is close enough to what I initially asked for.
Another potential option is the FOSS Code Server. At our institution we’ve done demonstrations for making this into an Open OnDemand sandbox app. It works fine, with one caveat. The VSCode Extension Marketplace is closed source and has a restrictive license that prevents forks of VSCode from accessing it. Thus, only open-source extensions are available for automated install via Code Server, and the maintainers have to curate the list themselves. I last used it about 3 years ago, so some things may have changed.
For what it’s worth, there are other issues to get a locally hosted VSCode Server, and to allow local tunnel routing. Both have made it to the backlog, but if my issue is any indication, it may be some time before these are implemented, if ever.
2 Likes