VSCode server extension installs itself on host instead on the CT

This is not the right forum to be asking VSCode specific questions unrelated to Proxmox, but I can probably guess what your issue is: make sure you use the Remote-SSH extension to connect over SSH to the container. Then everything will be installed on the container.

You surely provided the Proxmox *host* ssh connection. VSCode will use your .ssh/config file to know what file is what so it's possible your config is screwed up (i.e. you have your proxmox host with your container's name).
 
This is not the right forum to be asking VSCode specific questions unrelated to Proxmox, but I can probably guess what your issue is: make sure you use the Remote-SSH extension to connect over SSH to the container. Then everything will be installed on the container.

You surely provided the Proxmox *host* ssh connection. VSCode will use your .ssh/config file to know what file is what so it's possible your config is screwed up (i.e. you have your proxmox host with your container's name).

The extension connects perfectly to the Container and it work like a charm. On the host, I've got the firewall with the port forwarding enabled (I use just 1 public IP, 1 domain name per Container, and 1 SSH different port per Container). It forwards the port 22200 to the port 22 of the Container. My .ssh/config file containes the domain name of the Host (which is the Container domain name), the Hostname (which is the Container domain name), the user, the port (which is 22200), and the statement PasswordAuthentication Yes:

.ssh/config
Code:
Host container.domain.it
    HostName container.domain.it
    User root
    Port 22200
    PasswordAuthentication Yes

I noticed this because Proxmox couldn't start the Containers anymore. It threw several errors. Taking a look at all active processes on the host I noticed several VSCode processes. Stopping the extension and closing VSCode, all processes on the Proxmox host went terminated and Proxmox works again perfectly.
 
VSCode is connecting to your host and not the container. Your domain name or port forwarding isn't setup right. If VSCode were connecting to the container it wouldn't be able to touch the host and install the remote development server. What happens when you `ssh container.domain.it`? What machine are you connecting to? The host, right?
My .ssh/config file containes the domain name of the Host (which is the Container domain name)

What?
 
VSCode is connecting to your host and not the container. Your domain name or port forwarding isn't setup right. If VSCode were connecting to the container it wouldn't be able to touch the host and install the remote development server. What happens when you `ssh container.domain.it`? What machine are you connecting to? The host, right?


What?

This is what I thought too.

Code:
$ ssh container.domain.it
Connection refused

Because the host itself uses another SSH port (not the 22).

Take a look at the first .ssh/config line.
 
Last edited:
Don’t use the domain/ip as the “Host” in your ssh config. Use an alias like “container”.

Then make it so that `ssh container` works and connects to your container and NOT your host. This will require fixing the port forwarding or whatever is incorrect about your setup. Don’t touch VSCode until this works.

Then use VSCode to connect to “container” and it will work right.
 
Don’t use the domain/ip as the “Host” in your ssh config. Use an alias like “container”.

Then make it so that `ssh container` works and connects to your container and NOT your host. This will require fixing the port forwarding or whatever is incorrect about your setup. Don’t touch VSCode until this works.

Then use VSCode to connect to “container” and it will work right.
How can it connect to the host if host itself is using port 10000 (port 22 is blocked)?
 
How can it connect to the host if host itself is using port 10000 (port 22 is blocked)?
I honestly don’t understand your setup or question, but nothing should be connecting to the host. VSCode should ssh into the container, and if you can’t ssh directly into the container from the command line VSCode isn’t going to connect either.

Get command line ssh to the *container* working. Then connect VSCode to the container. Never connect anything to the host. It’s super simple.
 
I honestly don’t understand your setup or question, but nothing should be connecting to the host. VSCode should ssh into the container, and if you can’t ssh directly into the container from the command line VSCode isn’t going to connect either.

Get command line ssh to the *container* working. Then connect VSCode to the container. Never connect anything to the host. It’s super simple.

Code:
ssh -p22200 container.domain.it
works. I can already connect to the Container. This is indeed my incredulity. How does VSCode Remote Extension start several processes on the Proxmox host while it just connected on the Container??? This is an unprivileged Container if this can helps.
 
Last edited:
You're assuming I'm being loose in my instructions and not doing exactly what I said. If you want to fix your problem do EXACTLY this:
  1. Change your ssh config to have the "Host" value be "container" instead of "container.domain.it"
  2. Make sure the port is correct to connect to the container
  3. Make sure you can ssh into the container from the command line by typing EXACTLY JUST `ssh container`
  4. Tell VSCode to connect to a remote SSH machine and select "container" (which will be in the dropdown because it will parse your ssh config)
I think that in your previous attempts VSCode is connecting to container.domain.it:22 and not using your ssh config. That is making it connect to the host. Do NOT use an IPv4 address or dns-resolvable hostname for the ssh config Host value. You're confusing yourself about what's connecting to what.
 
You're assuming I'm being loose in my instructions and not doing exactly what I said. If you want to fix your problem do EXACTLY this:
  1. Change your ssh config to have the "Host" value be "container" instead of "container.domain.it"
  2. Make sure the port is correct to connect to the container
  3. Make sure you can ssh into the container from the command line by typing EXACTLY JUST `ssh container`
  4. Tell VSCode to connect to a remote SSH machine and select "container" (which will be in the dropdown because it will parse your ssh config)
I think that in your previous attempts VSCode is connecting to container.domain.it:22 and not using your ssh config. That is making it connect to the host. Do NOT use an IPv4 address or dns-resolvable hostname for the ssh config Host value. You're confusing yourself about what's connecting to what.

How can any SSH client or VSCode Remote extension connect to Container's port 22 if it's not directly exposed and if Host's port 22 is blocked and Host's ssh daemon is configured to run on port 10000???

N.B. VSCode Remote extension connects right to the Container and it works like a charm on the Container.
 
That's an excellent question and I don't know the answer. I was just trying to help you get VSCode connected to your container.

Since VSCode *did* connect to the host, though, something about your config isn't setup the way you think it is.

Yeah, thanks, sure I appreciate. Maybe you are right, there's something in my setup that is not configured in the right way. Instead, I think VSCode Remote Extension is configured well but it's able to start (in some way that I don't know) processes on the Proxmox host machine.
 
Yeah, thanks, sure I appreciate. Maybe you are right, there's something in my setup that is not configured in the right way. Instead, I think VSCode Remote Extension is configured well but it's able to start (in some way that I don't know) processes on the Proxmox host machine.
Yeah which is definitely straightforwardly that it is connecting via ssh to the host (somehow). There's no accidental container escape or anything, heh.
 
process running in a container are visible from the host - maybe you are just confused about what is running where?

if you look at the process tree with "ps faxl", you will see a subtree for each container, e.g. like this:
Code:
...
5     0    3691       1  20   0  11808  3752 -      Ss   ?          0:00 [lxc monitor] /var/lib/lxc 100
4 100000   3933    3691  20   0  56808  4800 -      Ss   ?          0:00  \_ /sbin/init
4 100000   3994    3933  20   0  46092  8360 -      Ss   ?          0:00      \_ /lib/systemd/systemd-journald
4 100000   3999    3933  20   0  43028  1848 -      Ss   ?          0:00      \_ /lib/systemd/systemd-udevd
4 100000   4012    3933  20   0 180476  2060 -      Ssl  ?          0:00      \_ /usr/sbin/rsyslogd -n
4 100000   4013    3933  20   0  37980  2992 -      Ss   ?          0:00      \_ /lib/systemd/systemd-logind
4 100107   4014    3933  20   0  45112  2224 -      Ss   ?          0:00      \_ /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
4 100000   4031    3933  20   0  29636  1512 -      Ss   ?          0:00      \_ /usr/sbin/cron -f
4 100000   4281    3933  20   0  14300  1248 -      Ss+  pts/0      0:00      \_ /sbin/agetty --noclear --keep-baud console 115200,38400,9600 linux
4 100000   4282    3933  20   0  14300  1244 -      Ss+  pts/0      0:00      \_ /sbin/agetty --noclear --keep-baud tty1 115200,38400,9600 linux
4 100000   4283    3933  20   0  14300  1256 -      Ss+  pts/1      0:00      \_ /sbin/agetty --noclear --keep-baud tty2 115200,38400,9600 linux
5 100108   4294    3933  20   0  53840  1484 -      S    ?          0:00      \_ /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpk
4 100000   4297    3933  20   0  69952  3624 -      Ss   ?          0:00      \_ /usr/sbin/sshd -D
5 100000   4542    3933  20   0  81180  3008 -      Ss   ?          0:00      \_ /usr/lib/postfix/sbin/master -w
4 100101   4545    4542  20   0  83296  4560 -      S    ?          0:00          \_ qmgr -l -t unix -u
4 100101 241090    4542  20   0  83248  4504 -      S    ?          0:00          \_ pickup -l -t unix -u -c
...

those are the processes running in container 100.
 
process running in a container are visible from the host - maybe you are just confused about what is running where?

if you look at the process tree with "ps faxl", you will see a subtree for each container, e.g. like this:
Code:
...
5     0    3691       1  20   0  11808  3752 -      Ss   ?          0:00 [lxc monitor] /var/lib/lxc 100
4 100000   3933    3691  20   0  56808  4800 -      Ss   ?          0:00  \_ /sbin/init
4 100000   3994    3933  20   0  46092  8360 -      Ss   ?          0:00      \_ /lib/systemd/systemd-journald
4 100000   3999    3933  20   0  43028  1848 -      Ss   ?          0:00      \_ /lib/systemd/systemd-udevd
4 100000   4012    3933  20   0 180476  2060 -      Ssl  ?          0:00      \_ /usr/sbin/rsyslogd -n
4 100000   4013    3933  20   0  37980  2992 -      Ss   ?          0:00      \_ /lib/systemd/systemd-logind
4 100107   4014    3933  20   0  45112  2224 -      Ss   ?          0:00      \_ /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
4 100000   4031    3933  20   0  29636  1512 -      Ss   ?          0:00      \_ /usr/sbin/cron -f
4 100000   4281    3933  20   0  14300  1248 -      Ss+  pts/0      0:00      \_ /sbin/agetty --noclear --keep-baud console 115200,38400,9600 linux
4 100000   4282    3933  20   0  14300  1244 -      Ss+  pts/0      0:00      \_ /sbin/agetty --noclear --keep-baud tty1 115200,38400,9600 linux
4 100000   4283    3933  20   0  14300  1256 -      Ss+  pts/1      0:00      \_ /sbin/agetty --noclear --keep-baud tty2 115200,38400,9600 linux
5 100108   4294    3933  20   0  53840  1484 -      S    ?          0:00      \_ /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpk
4 100000   4297    3933  20   0  69952  3624 -      Ss   ?          0:00      \_ /usr/sbin/sshd -D
5 100000   4542    3933  20   0  81180  3008 -      Ss   ?          0:00      \_ /usr/lib/postfix/sbin/master -w
4 100101   4545    4542  20   0  83296  4560 -      S    ?          0:00          \_ qmgr -l -t unix -u
4 100101 241090    4542  20   0  83248  4504 -      S    ?          0:00          \_ pickup -l -t unix -u -c
...

those are the processes running in container 100.

That's for sure, because I didn't know. So, that's could be the explanation but... why does Proxmox start to throw errors if there are several VSCode processes on the Container? Sometime like... I cannot start any Container (not just the one "busy"), press TAB key to autocomplete the command on the Proxmox host itself, etc...

Do you know if there's another utility instead of ps (maybe something like htop) the look the process tree?
 
htop can also show you a tree view of the running processes..
 
htop can also show you a tree view of the running processes..
:D Just figured out I can do it by pressing F5 key. Thanks

But why does Proxmox start to throw errors if there are several VSCode processes on the Container? Sometime like... I cannot start any Container (not just the one "busy"), press TAB key to autocomplete the command on the Proxmox host itself, etc...

Taking a look at the process tree I can confirm what you said. All VSCode processes running on the Container.
 
Last edited:
This is (e.g.) what I receive when I try to press TAB key to autocomplete the command on the Proxmox host when VSCode Extension is connected to the Container (I was trying to write pct enter 204):

Code:
root@myserver:~# pct entUnable to create new inotify object: Too many open files at /usr/share/perl5/PVE/INotify.pm line 397.

Anyway, trying to run pct enter 200 (or any other container number) it won't run. I receive this error: Unable to create new inotify object: Too many open files at /usr/share/perl5/PVE/INotify.pm line 397

Then, once VSCode extension has been disconnected, all VSCode processes on the Container stop and the situation come back to the normality.

Why this happen???
 
This is (e.g.) what I receive when I try to press TAB key to autocomplete the command on the Proxmox host when VSCode Extension is connected to the Container (I was trying to write pct enter 204):

Code:
root@myserver:~# pct entUnable to create new inotify object: Too many open files at /usr/share/perl5/PVE/INotify.pm line 397.

Anyway, trying to run pct enter 200 (or any other container number) it won't run. I receive this error: Unable to create new inotify object: Too many open files at /usr/share/perl5/PVE/INotify.pm line 397

Then, once VSCode extension has been disconnected, all VSCode processes on the Container stop and the situation come back to the normality.

Why this happen???

https://bugzilla.proxmox.com/show_bug.cgi?id=1042 please upgrade your pve-container package (and reboot, or apply the sysctl values manually)
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!