fix(ec2): remove SSM session state w/ best effort approaches.

[Hweinstock]

Problem

The remote connection through VSCode does not terminate the SSM session on close consistently.

Notes:

• We do not get an event when the remote window is closed.

Solution

Leverage two best-effort approaches:

• only allow a single connection from the toolkit to any given EC2 Instance. If a customer attempts to open another remote window in an EC2 instance, we can use that as a sign to terminate the old session.
• on toolkit shutdown (deactivate), remote any sessions that are still running.

Implementation Details

• Implement Ec2RemoteEnvManager to manage the remote environments. Behaves like a map of instance ids to sessions ids that most importantly maintains the invariant that any deleted item has its session terminated.
• Refactor packages/core/src/awsService/ec2/commands.ts and packages/core/src/awsService/ec2/activation.ts to allow for state tracking in EC2ConnectionManager. This change also gives us an opportunity to improve the testing infrastructure for this code.

---

License: I confirm that my contribution is made under the terms of the Apache 2.0 license.

[justinmk3]

I think we have a generalized function somewhere like this already.

[Hweinstock]

Yea, this is just a wrapper around that function that makes sure the node exists. Avoids having the same logic in each command where node is optional. I changed the name to tryRefreshNode to make this clearer.

[justinmk3]

it's a bit subtle that this is actually adding to a global long-lived collection. This logic should live closer to that collection, possibly in a class or something.

Also need to log a warning if the number of connections exceeds a big number, until we have a better way to have visbility and validation of these long-lived collections (which can caused hidden bugs / perf issues).

[justinmk3]

this makes me wonder if there should be 1 manager for everything. having many managers seems like an unnecessary problem, and partly defeats the purpose of a "manager", which is to have one place where visibility/handling can happen.

[Hweinstock]

I agree, I think the word manager is being overused here. Manager also isn't very informative about what each component is responsible for. I am leaning towards renaming them to directly describe what they "do".
Ex. Ec2ConnectionManager --> Ec2Connecter, Ec2RemoteSessionManager --> Ec2SessionTracker. Does that seem like a good direction?

[justinmk3]

is there a session manager for codecatalyst dev envs? if so, it may be worth generalizing it. All of this new test code suggests that it's worth having 1 generalized concept instead of several specific ones.

[Hweinstock]

For CodeCatalyst, we start the connection within the connect script here

aws-toolkit-vscode/packages/core/resources/codecatalyst_connect

Line 97 in 0164d41

exec "$AWS_SSM_CLI" "{\"streamUrl\":\"$STREAM_URL\",\"tokenValue\":\"$TOKEN\",\"sessionId\":\"$SESSION\"}" "$AWS_REGION" "StartSession"

so we don't have any easy way of getting the resulting SessionId in memory (as far as I can tell). Also, I am unsure if the same problem of sessions not terminating still happens in CodeCatalyst due to some of these implementation differences.

[justinmk3]

This could be generalized. I think possibly was, on the https://github.com/aws/aws-toolkit-vscode-staging/tree/feature/lambda-get-started branch.

No action needed here, for now.

[justinmk3]

I assume we'll generalize this later, e.g. for ECS sessions and possibly others in the future.

[justinmk3]

this is the "v2" sdk. may want to double-check if we already have the v3 SDK for ssm-related stuff (just by searching the codebase). that will avoid needing to migrate this later.

[Hweinstock]

Unfortunately, @aws-sdk/client-ssm is not a dependency yet which I think is what we want based on (https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/Package/-aws-sdk-client-ssm/Interface/StartSessionResponse/)