Need to access https://pvtbuilds.mozilla.org/pub/mozilla.org/b2g/tinderbox-builds from orangefactor1.dmz.phx1.mozilla.com

RESOLVED FIXED

Status

Infrastructure & Operations Graveyard
WebOps: Product Delivery
RESOLVED FIXED
4 years ago
2 years ago

People

(Reporter: jgriffin, Assigned: cturra)

Tracking

Details

(Whiteboard: [kanban:https://kanbanize.com/ctrl_board/4/1328] )

(Reporter)

Description

4 years ago
In order for the pulse normalizer to work correctly for B2G emulator pulse messages, it needs access to the B2G emulator builds and logs, which reside at https://pvtbuilds.mozilla.org/pub/mozilla.org/b2g/tinderbox-builds.

Currently, this url cannot be accessed without a set of LDAP credentials, even from a VM within the Mozilla VPN:  orangefactor1.dmz.phx1.mozilla.com

What's the best way to allow this access?  Can a rule be added for credential-free access from that host, or do we need to set up an LDAP account that a service on that VM can use?

Comment 1

4 years ago
Hi,

I checked this out, and pvtbuilds.mozilla.org is not behind a firewall per se.
It is part of our "vlan 5", which means it has a public IP address, and access
to it would be controlled by the host.

(there is an access control list on the network device in front of the host,
 but that access control list just lets all traffic for 63.245.215.32 through
 to the host)  

So, I'm guessing that you're right, and an LDAP account has to be set up.
I'll re-assign this bug to the Infrastructure LDAP queue -- my best shot at
finding the right resource to resolve this.  

Thanks -- Dave

Updated

4 years ago
Assignee: network-operations → infra
Component: NetOps → Infrastructure: LDAP
QA Contact: jbarnell → jdow

Comment 2

4 years ago
I think this is WebOps, not LDAP.
Assignee: infra → server-ops-webops
Component: Infrastructure: LDAP → WebOps: Product Delivery
QA Contact: jdow → nmaul

Updated

4 years ago
Whiteboard: [kanban:https://kanbanize.com/ctrl_board/4/1328]

Comment 3

4 years ago
Sorry, took my best shot at the right queue and missed!
Thanks for setting it to the correct queue.
(Assignee)

Comment 4

4 years ago
all pvtbuilds are behind ldap auth. there is however the ability to do htpasswd based auth, which we could setup for your pulse normalizer project. does that sound like a fair route to go down?
Flags: needinfo?(jgriffin)
(Reporter)

Comment 5

4 years ago
(In reply to Chris Turra [:cturra] from comment #4)
> all pvtbuilds are behind ldap auth. there is however the ability to do
> htpasswd based auth, which we could setup for your pulse normalizer project.
> does that sound like a fair route to go down?

Yes, htpasswd based auth would be fine for this use case, thanks.
Flags: needinfo?(jgriffin)
(Assignee)

Comment 6

4 years ago
account created. :jgriffin - i will follow up with you offline with the login details.

 $ curl -I --user <USER>:<PASS> https://pvtbuilds.mozilla.org/pub/mozilla.org/b2g/tinderbox-builds/
 HTTP/1.1 200 OK
 Server: Apache
 X-Backend-Server: ftp1.dmz.scl3.mozilla.com
 Content-Type: text/html;charset=UTF-8
 Date: Wed, 24 Sep 2014 20:17:03 GMT
 Transfer-Encoding: chunked
 Connection: Keep-Alive
Assignee: server-ops-webops → cturra
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.