<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> </head> <body text="#000000" bgcolor="#FFFFFF"> The initial planning for lazy omitted content protection for 3.0. Since then, we have pulled content protection back into 3.0 re: content-guards. In pulp2, the content app redirected using a signed-url so that clients could not circumvent content protection. Currently in 3.0, there is nothing to keep clients from circumventing content protection by going directly to the streamer. Isn't this a gap?<br> <br> <br> <div class="moz-cite-prefix">On 11/20/18 3:51 PM, Brian Bouterse wrote:<br> </div> <blockquote type="cite" cite="mid:CAAcvrTFRDdHg1=CXpYjbG3dJSDpk2X8C++ThgFdKcxjUvQz12A@mail.gmail.com"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <div dir="ltr"> <div dir="ltr"> <div dir="ltr"> <div dir="ltr"> <div dir="ltr"> <div dir="ltr"> <div dir="ltr"> <div>I've been developing the streamer functionality, and it's correctly working (in my testing) as driven from the Remote.policy attribute. It correctly works with 'immediate', 'on_demand', and 'cache_only'. Read more about the expected behaviors in the epic [0].<br> </div> <div><br> </div> <div># Try it out!<br> </div> <div>Here is the core commit needed: <a href="https://github.com/pulp/pulp/pull/3738" moz-do-not-send="true">https://github.com/pulp/pulp/pull/3738</a></div> <div>Here is the streamer you should pip install from master: <a href="https://github.com/bmbouter/pulp_streamer" moz-do-not-send="true">https://github.com/bmbouter/pulp_streamer</a></div> <div>Here is what it looks like to port a plugin using DeclarativeVersion, e.g. pulp_file to support lazy: <a href="https://github.com/pulp/pulp_file/pull/132" moz-do-not-send="true">https://github.com/pulp/pulp_file/pull/132</a></div> <div><br> </div> <div>You'll need to configure Pulp's webserver for streaming. I did this by exporting an environment var to dynaconf in the same bash environment as my django run server. Specifically I configured Pulp to redirect to port localhost:8080/streamer/ with this command:</div> <div><br> </div> <div>export PULP_CONTENT='@json {"HOST": null, "WEB_SERVER": "django", "REDIRECT": {"ENABLED": true, "PORT": 8080, "HOST": "localhost", "PATH_PREFIX": "/streamer/"}}'</div> <div><br> </div> <div>Then I run the streamer (after pip installed) with gunicorn which you also need to pip install. Run it with:</div> <div><br> </div> <div>gunicorn pulpcore.streamer:server --bind localhost:8080 --worker-class aiohttp.GunicornWebWorker -w 2</div> <div><br> </div> <div>Then sync a pulp_file repo with policy='on_demand' or policy='cache_only' and see how Pulp behaves.</div> <div><br> </div> <div>Feedback, ideas, concerns are welcome in any form. Note this is still rough, and the following are known things to be done:</div> <div><br> </div> <div>* fix tests to get Travis passing<br> </div> <div>* docs for the streamer and for pulpcore<br> </div> <div>* an installer role to install the streamer</div> <div>* integration with squid to cache lots of data at the streamer<br> </div> <div>* transfer the pulp_streamer to the Pulp org on github</div> <div>* publish an initial release to PyPI for users to use it</div> <div>* write a blog post about porting to it and using it</div> <div>* make a demo</div> <div><br> </div> <div>[0]: <a href="https://pulp.plan.io/issues/3693" moz-do-not-send="true">https://pulp.plan.io/issues/3693</a></div> <div><br> </div> <div>Thanks!</div> <div>Brian<br> </div> </div> </div> </div> </div> </div> </div> </div> <br> <fieldset class="mimeAttachmentHeader"></fieldset> <pre class="moz-quote-pre" wrap="">_______________________________________________ Pulp-dev mailing list <a class="moz-txt-link-abbreviated" href="mailto:Pulp-dev@redhat.com">Pulp-dev@redhat.com</a> <a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/pulp-dev">https://www.redhat.com/mailman/listinfo/pulp-dev</a> </pre> </blockquote> <br> </body> </html>