Closed Bug 1455418 Opened 7 years ago Closed 7 years ago

Request for Proxy ACL exception any MDC1 host to infosec-mig.s3.amazonaws.com

Categories

(Infrastructure & Operations :: Proxy ACL Request, task)

Product:
Infrastructure & Operations
Component:
Proxy ACL Request
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: claudijd, Assigned: bhourigan)

Details

We have an ansible role that deploys mig to a given endpoint, and makes sure it all works. I noticed it was failing to install in MDC1 because it couldn't reach https://s3.amazonaws.com/infosec-mig/public/moz-opsec/{{ mig_rpm }}. Because I don't think it's responsible to ask for a proxy exception to s3.amazonaws.com, I'm proposing the following change in our mig deployer to make it MDC1 compatible. https://github.com/mozilla/ansible-eis/pull/474/files For those that can't see that, it basically moves the S3 reference from s3.amazonaws.com to infosec-mig.s3.amazonaws.com, so this is why I'm requesting that infosec-mig.s3.amazonaws.com be white-listed in all of MDC1 to allow MIG agent installs to work for all servers in MDC1 that use this ansible deployment method (including the one I'm trying to migrate ATM). Please ping with any questions at all.
Summary: Request for Proxy ACL exception pentest-slave1.private.mdc1.mozilla.com to infosec-mig.s3.amazonaws.com → Request for Proxy ACL exception any MDC1 host to infosec-mig.s3.amazonaws.com
Added to mdc[12] puppet in da0ad139f3a567c95a49f25c60114c16365fe6ee and 35e762f9a89439596aa03df6f30cd61df97c89ef, give it about an hour to take effect.
Assignee: infra → bhourigan
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.