Project

Profile

Help

Story #1282

As an EC2 user, I would like to set up a RHUI as an alternate content source

Added by cduryee over 6 years ago. Updated over 1 year ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
2.14.0
Groomed:
Yes
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Sprint 19
Quarter:

Description

Typically, if I set up a new Pulp instance I can set up a local content source to help populate it quickly. However, if I am using EC2, I can't use my region's local RHUI to help populate my Pulp.

The content source config allows for most of what I need: the CA, client cert and client key. However, RHUI in EC2 requires additional metadata from the cloud-init magic IP in the HTTP header to allow the request through. These settings are specific to an instance, but do not generally change once the instance is created.

If there was a way to specify additional HTTP headers in the content request, it would be let Pulp users set up RHUI as an alternate content source. A very basic way to do this would be to allow setting arbitrary HTTP headers in the conf file.

I can supply an ec2 machine that's already set up and show how to populate the headers.


Related issues

Related to Pulp - Story #2772: As a user, I can sync from a RedHat mirror provided by and hosted in AWSCLOSED - WONTFIX

<a title="Actions" class="icon-only icon-actions js-contextmenu" href="#">Actions</a>

Associated revisions

Revision 2137c89c View on GitHub
Added by werwty over 4 years ago

Add headers as an optional alternate content source descriptor

closes #1282 https://pulp.plan.io/issues/1282

Revision 1ab76690 View on GitHub
Added by werwty over 4 years ago

Update nectar to also read headers from config

re #1282 https://pulp.plan.io/issues/1282

Revision 6d074838 View on GitHub
Added by werwty over 4 years ago

Allow = in alternate content source header value

re #1282 https://pulp.plan.io/issues/1282

History

#3 Updated by jortel@redhat.com over 4 years ago

  • Sprint/Milestone set to 38

#4 Updated by bmbouter over 4 years ago

Can this be removed from the sprint until the functional details are added and it's groomed? Without that the work isn't clear enough to be picked up on a sprint.

#5 Updated by cduryee over 4 years ago

As a Pulp user, I would like to use a RHUI which has the Amazon authentication plugin enabled as an alternate content source.

The existing ACS config supports most of the required values, but two additional HTTP headers (X-RHUI-ID and X-RHUI-SIGNATURE) have to be presented in order to obtain content from the RHUI. The values of these two headers are strings that do not change once an instance is created.

#6 Updated by jortel@redhat.com over 4 years ago

  • Groomed changed from No to Yes

#7 Updated by bmbouter over 4 years ago

What is an ACS config? I'm not sure how these two headers will be configured? Also is the user only providing the values and we hardcode the names, or is it a generalized configuration and the user supplies both the config name and its value?

#8 Updated by cduryee over 4 years ago

ah, I was just being lazy with my typing :) acs = alternate content source

There are probably a number of ways to solve the problem of getting the content out of a RHUI, but one idea would be to allow setting the two X-RHUI headers via https://docs.pulpproject.org/user-guide/content-sources.html. I believe if two additional settings were exposed to set values for the two headers and then the header values were passed through to nectar, that would work. I think it would operate similarly to how basic auth is set up.

#9 Updated by bmbouter over 4 years ago

OK that is a good plan. The last bit of detail I'm looking for are the actual names of those two options. Then one of us can write out the deliverables as checklist items. I can help w/ that once the setting names are decided.

Thanks for all the input you've given. This story is really shaping up.

#10 Updated by cduryee over 4 years ago

The full names are `X-RHUI-ID` and `X-RHUI-SIGNATURE`.

#11 Updated by bmbouter over 4 years ago

All of the names of those options are lower case. Do you think upper or lower case would be better?

#12 Updated by bmbouter over 4 years ago

I added some checklist items. I don't know if the default should be empty string or None. Where are the alternate content source defaults specified?

#13 Updated by cduryee over 4 years ago

I think lowercase is better, at least IMO. For the None vs empty string, I'm ok with either as long as the header not sent on requests by default.

#14 Updated by bmbouter over 4 years ago

I also like the lower case consistency. I rewrote the checklist item to name those as the alternate content source config names. I also added two more docs checklist items.

#15 Updated by jortel@redhat.com over 4 years ago

I don't think that adding RHUI specific options to the alternate content source descriptor is appropriate. These are just HTTP headers and should be supported generically. Instead, let's add support for a headers option. This is a list option (like paths) but has the form of <header>=<value>.

Example:

headers: X-RHUI-ID=1234 \
         X-RHUI-SIGNATURE=AF1902B9C8DAF1902B9C8D

#16 Updated by bmbouter over 4 years ago

+1 to @jortel's idea to call it headers. Similar to paths it will be <str> with an optionl list delimited by space or newline. Thanks @jortel for also updating the checklist. I think this is good to go.

#17 Updated by bizhang over 4 years ago

  • Status changed from NEW to ASSIGNED
  • Assignee set to bizhang

#19 Updated by werwty over 4 years ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100

#20 Updated by mhrivnak over 4 years ago

  • Related to Story #2772: As a user, I can sync from a RedHat mirror provided by and hosted in AWS added

#21 Updated by pcreech over 4 years ago

  • Platform Release set to 2.14.0

#22 Updated by pcreech over 4 years ago

  • Status changed from MODIFIED to 5

#23 Updated by pcreech over 4 years ago

  • Status changed from 5 to CLOSED - CURRENTRELEASE

#24 Updated by bmbouter almost 4 years ago

  • Sprint set to Sprint 19

#25 Updated by bmbouter almost 4 years ago

  • Sprint/Milestone deleted (38)

#26 Updated by bmbouter almost 3 years ago

  • Tags Pulp 2 added

#27 Updated by bmbouter about 2 years ago

  • Assignee deleted (bizhang)

Removing assignee at their request so downstream automation will stop pinging them.

Also available in: Atom PDF