Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Current »

Page Navigation:


(blue star) Confidence Level Moderate  This article includes input from several JPLers. Multiple subject matter experts can indicate that a page is more frequently reviewed and updated.

Intro

With recent cybersecurity requirements, Verdi compute nodes are locked down in private VPC/Security Groups. WebDAV from the verdi compute nodes are no longer accessible from operations teams. This establishes proxy to enable operators to access each compute node’s WebDAV service regardless if verdi is on private or internal VPC/SG.

Assumptions

  • Webdav into compute nodes is done for ops only and we do not need large-scalability with this feature

  • Would be ok to proxy via factotum

Use Cases

  • Baseline: WebDAV link to compute node on JPLnet

  • WebDAV proxying to private VPC (10.0.x.x)

  • WebDAV proxying into Pleiades

    • Defer for later

    • May require double proxying

Requirements

  • Proxy HTTP to browse html view (index-style CSS) served out of each verdi compute node

Desirements

  • Proxy WebDAV protocol  (extension beyond HTTP) → mount WebDAV over proxy onto compute node

Approaches (sorted in complexity involved)

  • Proxy router script

  • Other open source tools that may be doing this?

  • vhosting from factotum

    • worker-100.67.33.239.mamba-factotum.aria.hysds.io/jobs/2020/07/06/13/08/standard_product-s1gunw-acq_enumerator__develop-S1A_OPER_AUX_POEORB_OPOD_20200706T120826_V20200615T225942_20200617T005942-v1.1-20200706T130033.550856Z

    • With HTTP BASIC AUTH with LDAP

  • ssh remote tunnel from factotum

    • May look like the reverse of what we did for proxying verdi to PCM on Pleiades

User’s Guide

Developers Guide

Implementation Notes

References


(lightbulb) Have Questions? Ask a HySDS Developer:

Anyone can join our public Slack channel to learn more about HySDS. JPL employees can join #HySDS-Community

(blue star)

JPLers can also ask HySDS questions at Stack Overflow Enterprise

(blue star)

  • No labels