CapsuleCommunication » History » Revision 7
Revision 6 (Eric Helms, 10/29/2014 08:49 AM) → Revision 7/18 (Eric Helms, 10/29/2014 08:51 AM)
h1. Capsule - Server Communication via Proxy
All inbound and outbound Capsule communication should be routable through a proxy. This is the case where a Capsule cannot directly route it’s traffic to the server nor can the server directly reach the Capsule. If we allow only proxying Capsule content syncing from the Foreman/Katello and a user locks down a Capsule’s HTTP traffic, this could break other functionality of the Capsule See diagram below.
h3. Related BZs:
https://bugzilla.redhat.com/show_bug.cgi?id=1114083
!http://projects.theforeman.org/attachments/download/998/Capsule%20-%20Server%20Proxy%20(1).png!
<img src="http://projects.theforeman.org/attachments/download/998/Capsule%20-%20Server%20Proxy%20(1).png"/>
h3. Capsule to Server
* Pulp node syncing content from the server
* Puppet master reporting
* Qpid traffic (if client communication is routed through the Capsule)
* Sub-man traffic being routed via reverse-proxy to the Capsule
h3. Server to Capsule
* Initial creation and discovery of the Capsule
* Feature refresh of the Capsule
* Qpid traffic (if client communication is routed through the Capsule)
h3. Requirements
# Capsules should support individual proxy configurations server side
# Capsule puppet masters should support routing traffic through an HTTP proxy
# Qpid should support routing traffic through a proxy on the Server or Capsule
# Capsule reverse proxy should support routing through an external HTTP proxy