Project

General

Profile

Task #7347

MNDeployment #6957: NRDC - Nevada Research Data Center

Resolve firewall deployment issue for NRDC

Added by Dave Vieglais over 9 years ago. Updated over 8 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Start date:
2015-09-14
Due date:
% Done:

100%

Story Points:
Sprint:

Description

See epad: https://epad.dataone.org/pad/p/MNWranglers-20150914

The production certificate bundle has been created and is on project.dataone.org; we have held back notifying NRDC until they have successfully re-deployed their test instance in cn-stage. The new mnTestNRDC test node cannot update their node capabilities on cn-stage possibly due to a firewall issue when working with reverse proxy. BEW: reverse proxy might be interpreted as MITM attack and/or be causing issues with certificates. All DataONE connections use TLS, which require certificates for endpoint authentication, and that can be an issue for reverse proxy. Bruce and Mark Servilla to talk about this situation.

UPDATE - Bruce and Mark chatted. To enable NRDC to proceed (i.e. not lose time sorting out the firewall/reverse proxy question) Moinul created another test MN in stage (NRDC1) - Laura to get with Moinul to see where they are in this process (the NRDC1 test MN); see also the ticket

History

#1 Updated by Laura Moyers over 8 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100
  • translation missing: en.field_remaining_hours set to 0.0

Email from Eric F 2/22/16 "We have revamped our configuration and are now bypassing the reverse proxy."

NRDC has changed their implementation from a reverse proxy setup to have the MN outside the UNR firewall. All operations seem to be working as expected.

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)