Closed
Bug 911309
Opened 11 years ago
Closed 11 years ago
Set up SSL endpoint + load balancer for incoming.telemetry.mozilla.org
Categories
(Infrastructure & Operations Graveyard :: WebOps: Other, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mreid, Assigned: bburton)
References
Details
Telemetry submissions currently go to data.mozilla.com. This is the same name used by Firefox Health Report and Test Pilot (and others). We want to change Telemetry to use a new name since it will be served by a new backend system. The preferred name is telemetry.mozilla.org. This url should accept HTTPS connections, then relay them to server(s) hosted in AWS as plain HTTP connections, similar to how requests are currently relayed from data.mozilla.com to the Bagheera servers. Please let me know if I should file separate bugs for the name / ssl cert / load balancer.
Updated•11 years ago
|
Assignee: server-ops → server-ops-webops
Component: Server Operations → Server Operations: Web Operations
QA Contact: shyam → nmaul
Comment 1•11 years ago
|
||
We should set this up right away. For now telemetry.mozilla.org should point at data.mozilla.org
Assignee | ||
Comment 2•11 years ago
|
||
(In reply to Mark Reid [:mreid] from comment #0) > Telemetry submissions currently go to data.mozilla.com. This is the same > name used by Firefox Health Report and Test Pilot (and others). > > We want to change Telemetry to use a new name since it will be served by a > new backend system. > > The preferred name is telemetry.mozilla.org. This url should accept HTTPS > connections, then relay them to server(s) hosted in AWS as plain HTTP > connections, similar to how requests are currently relayed from > data.mozilla.com to the Bagheera servers. > > Please let me know if I should file separate bugs for the name / ssl cert / > load balancer. Can you provide some additional details on what "then relay them to server(s) hosted in AWS as plain HTTP connections" entails? Are these AWS servers reachable via VPN from a Mozilla data center?
Assignee | ||
Updated•11 years ago
|
Assignee: server-ops-webops → bburton
Comment 3•11 years ago
|
||
Discussion in IRC, #telemetry. Background: The existing cluster (served by data.mozilla.com) needs to be broken out into multiple things. The Telemetry piece is actually moving to AWS, not a new cluster in SCL3. Here's what we're going to do: 1) Set up a new temporary VIP (traffic IP + vserver, port 443) and DNS record "incoming.telemetry.mozilla.org", in SCL3. 2) Purchase and install an SSL cert for said domain name. 3) Pool should be same as data.mozilla.com. 4) On or around Oct 1, mmayo's team will take over management of this service... we will provide them with the SSL cert and key, and change DNS to point to a name or IP of their choosing. 5) Delete this temp vserver, reclaim the IP, remove the SSL cert from Zeus. (aka: clean up)
Reporter | ||
Comment 4•11 years ago
|
||
(In reply to Brandon Burton [:solarce] from comment #2) > Can you provide some additional details on what "then relay them to > server(s) hosted in AWS as plain HTTP connections" entails? > > Are these AWS servers reachable via VPN from a Mozilla data center? This will be handled separately per item #4 in comment #3.
Reporter | ||
Updated•11 years ago
|
Summary: Set up SSL endpoint + load balancer for telemetry.mozilla.org → Set up SSL endpoint + load balancer for incoming.telemetry.mozilla.org
Assignee | ||
Comment 5•11 years ago
|
||
* DNS created * Load Balancing work underway (:solarce) * SSL certificate order underway (:cturra)
Comment 6•11 years ago
|
||
i now have the signed ssl certificate and have uploaded it to the zlb cluster for :solarce to configure with his load balancer work o/ -----BEGIN CERTIFICATE----- MIIHhjCCBm6gAwIBAgIQCw81nNP2xmBGt3NMrO8uADANBgkqhkiG9w0BAQUFADBp MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMSgwJgYDVQQDEx9EaWdpQ2VydCBIaWdoIEFzc3VyYW5j ZSBFViBDQS0xMB4XDTEzMDkxMjAwMDAwMFoXDTE1MDkxNzEyMDAwMFowggEEMR0w GwYDVQQPDBRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGCysGAQQBgjc8AgEDEwJV UzEbMBkGCysGAQQBgjc8AgECEwpDYWxpZm9ybmlhMREwDwYDVQQFEwhDMjc1OTIw ODEeMBwGA1UECRMVNjUwIENhc3RybyBTdCBTdGUgMzAwMQ4wDAYDVQQREwU5NDA0 MTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBW aWV3MRwwGgYDVQQKExNNb3ppbGxhIENvcnBvcmF0aW9uMR4wHAYDVQQDExV0ZWxl bWV0cnkubW96aWxsYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDdNfMY39abFwkHEgeey8TTbhk4KQkKNCrahALQ+2S+6RnJtDLV5HwvMQp8BJpO BmW9IbB9+NWpV743VTpTpDKHeibP8miM3CtvOZYnmFIIZgljxWj8l36+UobAg/J6 oUKKBESa8yJu/csx4SuwgxlPoeIvELe0VrCosqt4F95ndG0m9tgykBJC/DeoO9+p 6jLvGihnVox8T/ZL8MDds0a3UAujSnI+XB2MfSDHmomL+ycec/E9wzT3QPXFfdIl 5lfjpx5obi3j5ZuAvO7nPhbxAec8drG0ujCpK48TlereUT4DEw8BRIzVUkdHzCov f6bM6ObXKwFT1sNTY0ey9XXJAgMBAAGjggOLMIIDhzAfBgNVHSMEGDAWgBRMWMsl 8EFPUvQoyIFDm6aooOaS5TAdBgNVHQ4EFgQUwIE/6bvPHxu/cklCfKVkR35Edbow XAYDVR0RBFUwU4IVdGVsZW1ldHJ5Lm1vemlsbGEub3Jngh5pbmNvbWluZy50ZWxl bWV0cnkubW96aWxsYS5vcmeCGnRlbGVtZXRyeS1kYXNoLm1vemlsbGEub3JnMA4G A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwYwYD VR0fBFwwWjAroCmgJ4YlaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL2V2Y2ExLWcz LmNybDAroCmgJ4YlaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL2V2Y2ExLWczLmNy bDCCAcQGA1UdIASCAbswggG3MIIBswYJYIZIAYb9bAIBMIIBpDA6BggrBgEFBQcC ARYuaHR0cDovL3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0 bTCCAWQGCCsGAQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQA aABpAHMAIABDAGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUA dABlAHMAIABhAGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkA ZwBpAEMAZQByAHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUA bAB5AGkAbgBnACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgA aQBjAGgAIABsAGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAA YQByAGUAIABpAG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAA YgB5ACAAcgBlAGYAZQByAGUAbgBjAGUALjB9BggrBgEFBQcBAQRxMG8wJAYIKwYB BQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBHBggrBgEFBQcwAoY7aHR0 cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVW Q0EtMS5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOCAQEA62E1RQ4z m+f50fn/ZxJzFiCyg4Fp7sN+Cy2KhiWsn/BvYZBpQQi8bx2+S52AuuAmG/DqpfHH /tqC5yMVj81sdVQccx414NV55+otC3s23Z/HAjzvz6fxdPx5zhes08U5m06PhYLr JXomtE77p64qf6RBmdmyuYs5o7JRs9Gkzff+ajfpgbHNCaH6nhFml1Yjh3u6RRAm TsyPrF5+ibhV1ixjaYmshvOoZWMkx6jCsScWzXh7MDWOyZ90KhPM/FjstagEsjsZ GdBMcRruQpe86kOtSDRSPltzPWGd1loA/9T6zKeRQcVBvqd3dIaZu6kNkPmDAj5b 7FROtuH9Rr82CQ== -----END CERTIFICATE-----
Assignee | ||
Comment 7•11 years ago
|
||
DNS has propogated and load balancer configs are done. https://incoming.telemetry.mozilla.org/ lives!
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Updated•11 years ago
|
Component: Server Operations: Web Operations → WebOps: Other
Product: mozilla.org → Infrastructure & Operations
Updated•5 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•