[Pulp-list] A repository download policy set to background means?

Lutchy Horace (Mailing List) mailinglist.subscriptions at lhprojects.net
Wed May 11 21:04:29 UTC 2016 

On Wed, 11 May 2016 08:50:47 -0400
Jeremy Cline <jcline at redhat.com> wrote:

> On 05/11/2016 03:56 AM, Lutchy Horace (Mailing List) wrote:
> > 
> > While resolving an entirely different issue regarding pulp, I
> > stumbled on https://media.readthedocs.org/pdf/pulp/stable/pulp.pdf
> > and
> > http://pulp.readthedocs.io/en/latest/user-guide/deferred-download.html.
> > Which elaborates a bit more on what each download policy actually
> > does. So far, I've installed python-pulp-streamer and varnish on
> > the same box, although I am bit confuse as to why I would need an
> > additional 'Reverse Proxy' in the stack. That at least fixes the
> > 'No more mirrors left to try' problem I was facing on consumers.  
> 
> Hi Lutchy,
> 
> I'm glad you found the documentation somewhat enlightening. The reason
> for the large number of proxies is that Red Hat content is served over
> HTTPS and requires client certificates to access. The Apache proxy and
> python-pulp-streamer both act as SSL termination points and pass their
> requests to each other through the Varnish or Squid proxy. These
> plain- text requests are cache-able.
> 
> Apache's caching module might be usable, which would allow you to drop
> the Varnish/Squid proxy, but it needs to support making complete
> requests when a client makes a request with a HTTP 'Range' header, or
> kickstarting from repositories will fail to function properly. Nobody
> (that I know of) has tested this so if you decide to, please let us
> know how it works!
> 
> If you have any other questions, please let me know.
> 

Thanks, I plan to move pulp_streamer to my firewall/edge box (that has
a bit more resources to handle larger on_demand requests), I also have
squid running there already. Now is trying to figure out how to route
request to pulp_streamer or instead setup a dedicated varnish 'Reverse Proxy'.

In respect to removing the middle man (varnish), I only have 5-7 boxes
(LXC) registered to pulp. It seems unnecessary. Right now, the pulp box
is connected directly to the Internet (Port 80 and 443 is not filtered
for this box) and not configured to work with the Squid proxy on the
lan network. For now, I've decided to, as mention above, move
pulp_streamer.

Regards

-- 
Lutchy Horace
Owner/Operator/Administrator [http://www.lhprojects.net]
Owner/Operator/Administrator [http://www.bombshellz.net]
Owner/Operator/Administrator [http://www.animehouse.club]
About Me [http://about.me/lhprojects]
USA

More information about the Pulp-list mailing list