[
https://issues.apache.org/jira/browse/METRON-187?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David M. Lyle updated METRON-187:
---------------------------------
Labels: platform (was: )
> Support Deployment of Metron on Isolated Networks
> -------------------------------------------------
>
> Key: METRON-187
> URL: https://issues.apache.org/jira/browse/METRON-187
> Project: Metron
> Issue Type: Improvement
> Reporter: Nick Allen
> Assignee: Nick Allen
> Labels: platform
> Fix For: 0.2.1BETA
>
>
> h2. Problem
> In many cases Metron will need to be deployed on a network that does not have
> direct access to the public interwebs. The current deployment scheme requires
> access to the public interwebs to download artifacts like RPMs, tarballs,
> rule sets, etc.
> h2. Assumptions
> There exists a machine that will orchestrate the deployment that meets the
> following requirements.
> - The machine can deploy "Full Dev Platform" or "Quick Dev Platform". In
> short, this machine must run either Linux or OSX and have Ansible, Vagrant,
> Maven, Java, among the other dependencies installed.
> - The machine must be able to connect to both the public internet and the
> private, isolated network. This does not need to occur at the same time.
> For example, the machine can connect to the public internet, then disconnect
> from the public internet, then connect to the private, isolated network.
> This scheme also meets the requirement.
> h2. Solution
> The following high-level approach can be taken.
> - Extract: Extract artifacts from public internet and store on local
> deployment machine.
> - Transfer: Move deployment machine, along with extracted artifacts, to
> private, isolated network.
> - Reuse: Deploy Metron using the artifacts stored on the deployment machine.
> The following details steps implement the high-level approach of extract,
> transfer, and reuse.
> - Connect the deployment host to the public internet.
> - Run a customized Vagrant installation of Metron on the deployment host.
> - After the normal "Quick Dev Platform" deployment completes, the
> customization ensures that all required artifacts that were downloaded from
> the public internet are persisted locally on the deployment host.
> - Validate that the Vagrant installation worked correctly.
> - Disconnect the deployment host from the public internet.
> - Connect the deployment host to the private, isolated network.
> - Prior to the normal Metron deployment, the locally persisted artifacts will
> be deployed to a designated repository server. The repository server will
> host the artifacts by whatever means are required for the artifact. For
> example, for RPMs an RPM Repository will be created.
> - All properties that refer to resources on the public internet will be
> updated to point to the repository server.
> - Run the normal Metron deployment process.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
