Re: [Linux-PowerEdge] dsu and http (not https)
[EXTERNAL EMAIL] On Tue, Jul 28, 2020 at 12:03 PM Lloyd Brown wrote: > I guess I'd better go dig into the logs again, to figure out why it > broke when I was updating a few hundred of them at once. I believe the Dell servers are blacklisting IPs that are making too many requests. At least that's what I've observed in the past. Cheers, -- Kilian ___ Linux-PowerEdge mailing list Linux-PowerEdge@dell.com https://lists.us.dell.com/mailman/listinfo/linux-poweredge
Re: [Linux-PowerEdge] dsu and http (not https)
[EXTERNAL EMAIL] It looks like I made an incorrect assumption. The DSU installation already *is* using HTTP URLs. I guess I'd better go dig into the logs again, to figure out why it broke when I was updating a few hundred of them at once. Lloyd On 7/28/20 8:59 AM, Lloyd Brown wrote: > [EXTERNAL EMAIL] > > Is there an easy way to get DSU tools to pull files from linux.dell.com > via HTTP, instead of HTTPS? > > We're trying to use a squid caching proxy, rather than creating our own > local mirror. But while something like squid can proxy the HTTPS > traffic via a CONNECT tunnel, it can't actually cache it. If we can get > it to use HTTP, then I'm pretty sure it would be easily cache-able. > > The other alternative is to MitM it via squid's sslBump mechanism, but > I'd *really* rather not do that. > > The linux.dell.com server is actually still serving HTTP, at least for > now (eg. http://linux.dell.com/repo/hardware/dsu/os_independent/ instead > of https://linux.dell.com/repo/hardware/dsu/os_independent/), so in > theory, it should be possible. > > -- Lloyd Brown HPC Systems Administrator Office of Research Computing Brigham Young University http://marylou.byu.edu ___ Linux-PowerEdge mailing list Linux-PowerEdge@dell.com https://lists.us.dell.com/mailman/listinfo/linux-poweredge
[Linux-PowerEdge] dsu and http (not https)
[EXTERNAL EMAIL] Is there an easy way to get DSU tools to pull files from linux.dell.com via HTTP, instead of HTTPS? We're trying to use a squid caching proxy, rather than creating our own local mirror. But while something like squid can proxy the HTTPS traffic via a CONNECT tunnel, it can't actually cache it. If we can get it to use HTTP, then I'm pretty sure it would be easily cache-able. The other alternative is to MitM it via squid's sslBump mechanism, but I'd *really* rather not do that. The linux.dell.com server is actually still serving HTTP, at least for now (eg. http://linux.dell.com/repo/hardware/dsu/os_independent/ instead of https://linux.dell.com/repo/hardware/dsu/os_independent/), so in theory, it should be possible. -- Lloyd Brown HPC Systems Administrator Office of Research Computing Brigham Young University http://marylou.byu.edu ___ Linux-PowerEdge mailing list Linux-PowerEdge@dell.com https://lists.us.dell.com/mailman/listinfo/linux-poweredge