-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 24/11/15 13:02, Karanbir Singh wrote:
hi,
what was the final decision around how best to export artifacts so they are visible on the same url as internally inside of ci ?
regards,
Let me recap what we discussed the other day : Actually artifacts are available from outside through the following URL : https://ci.centos.org/artifacts/ Someone tried to (for a job) also not store but first retrieve previously saved artifacts pushed to the artifact node (see https://wiki.centos.org/QaWiki/CI/GettingStarted#head-a46ee49e8818ef9b50225c...)
Problem is that from an inside PoV, ci.centos.org is a A record pointing directly to the jenkins node, while from an external PoV, it's pointing to an nginx reverse proxy ( / being redirected to jenkins, while /artifacts is itself a proxy_pass to the internal artifacts node)
We can't just simply redirect now the internal A record to the nginx reverse proxy , as Jenkins slave java processes are accessing ci.centos.org internally through jnlp too , on some specific/fixed ports, so internal ci.centos.org A record needs to still be pointing to jenkins node.
The proposed solution is then to setup nginx on the jenkins node itself, redirecting / to itself (on the jenkins port, and not through iptables redirect rules), while /artifacts would then be redirected to the internal artifacts node, so that would mean that all URLs would be accessible internally and externally.
If that sounds good for everybody, we can create a "card" on the CI board and implement that during next maintenance window.
- -- Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab