Deployment Architecture
Highlighted

Deployment server through a VIP

Contributor

We are using a VIP for the deployment server uri, as it needs to be on a low port to survive firewalls, and is easier to configure in our infrastructure.

Is deployment server completely REST based? I'm seeing some strange errors when going through the VIP, which is handling the SSL, not just forwarding the port:

01-25-2011 19:10:58.138 WARN  NetUtils - Bad select_for_loop rv = -2
01-25-2011 19:10:58.138 WARN  HTTPClient - Error when reading from uri:
deployment-server.client.com:443, nbytes: -2, downloaded so far: 10240
01-25-2011 19:10:58.138 WARN  DeployedApplication - There was a problem
downloading from uri=deployment-server.client.com:443,
Tags (2)
0 Karma
Highlighted

Re: Deployment server through a VIP

Splunk Employee
Splunk Employee

So you have turned off SSL on the Deployment Server? Have you also installed appropriate new SSL CA certificates on the Deployment Clients?

0 Karma
Highlighted

Re: Deployment server through a VIP

Contributor

SSL is running. The VIP/LB magically made it work. It's not clear whether it is acting as an https proxy or simply stepping in the way of the SSL.

The behavior is this:
1. First round of downloads and deployments work fine, though with the errors seen above.
2. On changes, deploymentclient determines it needs new apps and seems to download them into var/run/CLASSNAME
3. There is a new error saying the expected bundle could not be found in var/run/CLASSNAME, with a different integer in the name than expected.

In the end, we used a different port and forwarded the socket.

0 Karma