BCDevOps / platform-services

Collection of platform related tools and configurations
Apache License 2.0

Setup proxy VMs for pilot projects. #383

Open mitovskaol opened 5 years ago

mitovskaol commented 5 years ago

Set up machines and configure them appropriately to act as proxies for Aporeto for applications that need access to Zone B.

mitovskaol commented 5 years ago

iStore order #48360 for professional services opened on Oct 24.

jleach commented 5 years ago

It might have been iStore 997672. In any case, it's approved. We're just waiting for ops to have some free time to set up the VMs.

StevenBarre commented 5 years ago

RITM0045877 is the ID we're tracking it with internally.

StevenBarre commented 4 years ago

Sorry I haven't gotten to this yet. Been a busy week with NetApp and William on vacation. I'm hoping to get started on this on Friday and continue into next week. @jleach is getting me the details of what ip:port the traffic needs to be forwarded to.

tosazuwa commented 4 years ago

Moving this to Sprint 7 as @sbarre-esit will get started on this Friday Nov 22

tosazuwa commented 4 years ago

Hi @sbarre-esit, can you add an estimate as to how long this would take? E.g. development days...

jleach commented 4 years ago

Moved to blocked. Looks like DXC is blocked by an issue.

tosazuwa commented 4 years ago

@jleach @sbarre-esit, can we add details for this blocker please?

jleach commented 4 years ago

Technical issue encountered. Working through the details and a solution with the vendor.

tosazuwa commented 4 years ago

Had a conversation with @sbarre-esit and he will be prioritizing this ticket and aiming to complete by Dec 13th (if nothing new comes up). He is still waiting on RSI to confirm what proxy server to use. @jleach, do you have this info?

mitovskaol commented 4 years ago

@tosazuwa As stated in this same ticket in Zenhub, the name of the RSI proxy is jag-aporeto-t1.dmz. Is it possible he is looking for other information?

https://app.zenhub.com/workspaces/devsecops-5d545ae6999dd23f582aac62/issues/bcdevops/platform-services/383

StevenBarre commented 4 years ago

The Aporeto enforcer needs to reach out to the API via HTTPS. We're going to do that via an HTTP proxy server. I'm looking for the IP/Port for that server.

StevenBarre commented 4 years ago

For the JAG server we still don't have a working HTTP proxy or firewall connection from the host to the DB service. I've followed up with Glenn on Jan 3rd and he is aware and working on the issues.

REFINE and FILTER are now set up and working. An Ansible playbook has also been created and is mostly done. We're currently running a custom enforcer RPM and are waiting for Aporeto to fully release it.

@stewartshea managed to get the policy working, but we don't yet understand why his fix worked. We have an outstanding support question with the Aporeto team on that.

mitovskaol commented 4 years ago

JAG is working on putting the last firewall rule in place to enable the comms between the Aporeto enforcer in JAG DMZ and Internet. Once that is in place, the ticket can be closed.