[
https://issues.apache.org/jira/browse/METRON-187?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nick Allen updated METRON-187:
------------------------------
Description:
Problem
-------
In many cases Metron will need to be deployed on a network that does not have
direct access to the public interwebs. The current deployment scheme requires
access to the public interwebs to download artifacts like RPMs, tarballs, rule
sets, etc.
Solution
--------
Assumption: There exists a machine that will orchestrate the deployment that
meets the following requirements.
(1) The machine can deploy "Full Dev Platform" or "Quick Dev Platform". In
short, this machine must run either Linux or OSX and have Ansible, Vagrant,
Maven, Java, among the other dependencies installed.
(2) The machine must be able to connect to both the public internet and the
private, isolated network. This does not need to occur at the same time. For
example, the machine can connect to the public internet, then disconnect from
the public internet, then connect to the private, isolated network. This
scheme also meets the requirement.
Deployment Process - High Level
(1) Extract artifacts from public internet and store on local deployment
machine.
(2) Move deployment machine to private, isolated network.
(3) Deploy Metron using the artifacts stored on the deployment machine.
Deployment Process - Details
(1) Connect the deployment host to the public internet.
(2) Run a customized Vagrant installation of Metron on the deployment host.
(3) After the normal "Quick Dev Platform" deployment completes, the
customization ensures that all required artifacts that were downloaded from the
public internet are persisted locally on the deployment host.
(4) Validate that the Vagrant installation worked correctly.
(5) Disconnect the deployment host from the public internet.
(6) Connect the deployment host to the private, isolated network.
(7) Prior to the normal Metron deployment, the locally persisted artifacts will
be deployed to a designated repository server. The repository server will host
the artifacts by whatever means are required for the artifact. For example,
for RPMs an RPM Repository will be created.
(9) All properties that refer to resources on the public internet will be
updated to point to the repository server.
(10) Run the normal Metron deployment process.
was:
Problem
In many cases Metron will need to be deployed on a network that does not have
direct access to the public interwebs. The current deployment scheme requires
access to the public interwebs to download artifacts like RPMs, tarballs, rule
sets, etc.
> Support Deployment of Metron on Isolated Networks
> -------------------------------------------------
>
> Key: METRON-187
> URL: https://issues.apache.org/jira/browse/METRON-187
> Project: Metron
> Issue Type: Bug
> Reporter: Nick Allen
> Assignee: Nick Allen
>
> Problem
> -------
> In many cases Metron will need to be deployed on a network that does not have
> direct access to the public interwebs. The current deployment scheme requires
> access to the public interwebs to download artifacts like RPMs, tarballs,
> rule sets, etc.
> Solution
> --------
> Assumption: There exists a machine that will orchestrate the deployment that
> meets the following requirements.
> (1) The machine can deploy "Full Dev Platform" or "Quick Dev Platform". In
> short, this machine must run either Linux or OSX and have Ansible, Vagrant,
> Maven, Java, among the other dependencies installed.
> (2) The machine must be able to connect to both the public internet and the
> private, isolated network. This does not need to occur at the same time.
> For example, the machine can connect to the public internet, then disconnect
> from the public internet, then connect to the private, isolated network.
> This scheme also meets the requirement.
> Deployment Process - High Level
> (1) Extract artifacts from public internet and store on local deployment
> machine.
> (2) Move deployment machine to private, isolated network.
> (3) Deploy Metron using the artifacts stored on the deployment machine.
> Deployment Process - Details
> (1) Connect the deployment host to the public internet.
> (2) Run a customized Vagrant installation of Metron on the deployment host.
> (3) After the normal "Quick Dev Platform" deployment completes, the
> customization ensures that all required artifacts that were downloaded from
> the public internet are persisted locally on the deployment host.
> (4) Validate that the Vagrant installation worked correctly.
> (5) Disconnect the deployment host from the public internet.
> (6) Connect the deployment host to the private, isolated network.
> (7) Prior to the normal Metron deployment, the locally persisted artifacts
> will be deployed to a designated repository server. The repository server
> will host the artifacts by whatever means are required for the artifact. For
> example, for RPMs an RPM Repository will be created.
> (9) All properties that refer to resources on the public internet will be
> updated to point to the repository server.
> (10) Run the normal Metron deployment process.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
