Capsule - Server Communication via Proxy¶
Summary¶
All inbound and outbound Capsule communication should be routable through a proxy. This is the case where a Capsule cannot directly route it’s traffic to the server nor can the server directly reach the Capsule. If we allow only proxying Capsule content syncing from the Foreman/Katello and a user locks down a Capsule’s HTTP traffic, this could break other functionality of the Capsule See diagram below.
Targeted Release¶
Foreman 1.7 / Katello 2.1
Targeted Persona¶
Status¶
Use Cases¶
Owner - David Caplan
Status - In Progress
Blockers - None
Requirements¶
Owner - Mike Mccune / David Caplan
Status - In Progress
Blockers - None
Wireframes¶
Owner - Kyle Baker
Status - Not Started
Blockers - Waiting on User Stories & Requirements
Last updated TBD - --
Development Stories¶
Owner - Walden Raines
Status - Not Started
Expected Delivery - TBD
Blockers - Waiting on Wireframes
Documentation¶
Bugs/RFEs¶
https://bugzilla.redhat.com/show_bug.cgi?id=1114083
Use Cases¶
Capsule to Server¶
- Pulp node syncing content from the server
- Puppet master reporting
- Qpid traffic (if client communication is routed through the Capsule)
- Sub-man traffic being routed via reverse-proxy to the Capsule
Server to Capsule¶
- Initial creation and discovery of the Capsule
- Feature refresh of the Capsule
- Qpid traffic (if client communication is routed through the Capsule)
Requirements¶
- Capsules should support individual proxy configurations server side
- Capsule puppet masters should support routing traffic through an HTTP proxy
- Qpid should support routing traffic through a proxy on the Server or Capsule
- Capsule reverse proxy should support routing through an external HTTP proxy
Development Stories¶
--
Updated by Eric Helms almost 10 years ago · 18 revisions