Page MenuHomePhabricator

Ensure that scap3 from tin can access californium
Closed, ResolvedPublic

Description

Striker will be deployed using Scap. The production scap3 deploy host is tin. The striker target host is californium.

I'm fairly certain that this will be the first scap3 deployment into the labs support vlan. We need to investigate what network changes will be needed to allow the ssh command-and-control connection from tin to californium and the subsequent http(s?) git fetch to californium from tin.

Event Timeline

bd808 created this task.Aug 17 2016, 7:53 PM
Restricted Application added a project: Cloud-Services. · View Herald TranscriptAug 17 2016, 7:53 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
bd808 closed this task as Resolved.Aug 17 2016, 8:04 PM
bd808 claimed this task.

It looks like this should "just work" once all of the puppet rules are in place. service::uwsgi includes scap::target which in turn includes scap::ferm. scap::ferm opens up ssh from $DEPLOYMENT_SERVERS.

With some help from @yuvipanda I verified that ssh gets from tin to californium once californium accepts the connection.

Restricted Application added a project: User-bd808. · View Herald TranscriptAug 17 2016, 8:04 PM
Krenair moved this task from Backlog to Done on the Striker board.Aug 29 2016, 8:12 AM
bd808 moved this task from To Do to Archive on the User-bd808 board.Sep 1 2016, 5:14 PM