Project

Profile

Help

Task #1190

closed

Story #1150: As a user, I can lazily fetch repositories

Create a httpd config for the lazy streamer

Added by bmbouter over 7 years ago. Updated over 3 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
2.8.0
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Description

Part of the lazy component set is an Apache server that acts as an SSL termination point (since squid can't cache encrypted traffic) and enforces content protection. The client is redirected to this Apache server (by way of story #1180) when the content is missing from the Pulp server, but is part of a lazy-loaded repository. When a client connects Apache will need to check the presented client certificate (if any) to ensure they have access to the content. Apache will then keep the connection to the client open while it connects to Squid on localhost:3128 and requests the content on behalf of the client.

To achieve this, a new Apache configuration file needs to be created.

Some inline documentation should be included in the configuration file explaining the purpose of each directive and any other settings the user may want to tweak or look into. A release note should be added for this change.

This new configuration file will be packaged as part of the pulp-streamer and is completely separate from the main Apache configuration for Pulp.

Actions #1

Updated by bmbouter over 7 years ago

  • Parent task set to #1150
Actions #2

Updated by bmbouter over 7 years ago

  • Subject changed from Add SSL termination Location example to httpd config to Add SSL and non-SSL Location examples to httpd config
  • Description updated (diff)
Actions #3

Updated by jcline@redhat.com about 7 years ago

  • Subject changed from Add SSL and non-SSL Location examples to httpd config to Create a httpd config with SSL and non-SSL Location settings for Lazy Apache
  • Description updated (diff)
Actions #4

Updated by jortel@redhat.com about 7 years ago

Secured by signed URL instead.

Actions #5

Updated by jcline@redhat.com about 7 years ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to jcline@redhat.com
Actions #6

Updated by jcline@redhat.com about 7 years ago

  • % Done changed from 0 to 50

The required Apache configuration has been documented as part of story #1198, but we have not yet decided how/if to package the configuration.

Actions #7

Updated by jcline@redhat.com about 7 years ago

  • Status changed from ASSIGNED to POST
  • % Done changed from 50 to 100

The Apache configuration PR against the feature branch: https://github.com/pulp/pulp/pull/2104

Since we use URL signatures, there is a new WSGI application that checks signatures and is turned on as part of the streamer 'Directory' statement.

Actions #9

Updated by jcline@redhat.com almost 7 years ago

  • Subject changed from Create a httpd config with SSL and non-SSL Location settings for Lazy Apache to Create a httpd config for the lazy streamer
Actions #10

Updated by jcline@redhat.com almost 7 years ago

  • Description updated (diff)
Actions #11

Updated by jcline@redhat.com almost 7 years ago

  • Status changed from POST to MODIFIED
Actions #12

Updated by rbarlow almost 7 years ago

  • Status changed from MODIFIED to ASSIGNED
  • Platform Release set to 2.8.0

Release notes are still needed.

Actions #14

Updated by jcline@redhat.com almost 7 years ago

  • Status changed from ASSIGNED to 5
Actions #15

Updated by dkliban@redhat.com over 6 years ago

  • Status changed from 5 to CLOSED - CURRENTRELEASE
Actions #16

Updated by bmbouter over 3 years ago

  • Tags Pulp 2 added

Also available in: Atom PDF