CapsuleCommunication » History » Revision 12
Revision 11 (Eric Helms, 10/29/2014 08:54 AM) → Revision 12/18 (Eric Helms, 10/29/2014 08:54 AM)
h1. Capsule - Server Communication via Proxy
All inbound and outbound Capsule communication should be routable through a proxy. This is the case where a Capsule cannot directly route it’s traffic to the server nor can the server directly reach the Capsule. If we allow only proxying Capsule content syncing from the Foreman/Katello and a user locks down a Capsule’s HTTP traffic, this could break other functionality of the Capsule See diagram below.
h3. Related BZs:
https://bugzilla.redhat.com/show_bug.cgi?id=1114083
!{width: 80%, height: 50%}http://projects.theforeman.org/attachments/download/999/capsule_server_proxy.png!
h3. Capsule to Server
* Pulp node syncing content from the server
* Puppet master reporting
* Qpid traffic (if client communication is routed through the Capsule)
* Sub-man traffic being routed via reverse-proxy to the Capsule
h3. Server to Capsule
* Initial creation and discovery of the Capsule
* Feature refresh of the Capsule
* Qpid traffic (if client communication is routed through the Capsule)
h3. Requirements
# Capsules should support individual proxy configurations server side
# Capsule puppet masters should support routing traffic through an HTTP proxy
# Qpid should support routing traffic through a proxy on the Server or Capsule
# Capsule reverse proxy should support routing through an external HTTP proxy