cortx icon indicating copy to clipboard operation
cortx copied to clipboard
verified publisher icon Seagate

Current OVA requires ports that are not industry standard

Open hessio opened this issue 3 years ago • 1 comments

Problem

  1. During our most hackathon users experienced an issue where they were not able to use common s3 clients like CyberDuck because the client would not allow port https requests on port 31949 (OVA PI-6 was used in the hackathon and OVA PI-7 uses a different port again)

  2. For the hackathon we used a CloudShare to provide instance of CORTX to hackathon participants and we had some issues trying to get CloudShare to allow us to use port 31949 also as they don't open these ports for security concerns.

Expected behavior

OVA would use port 80 or 443 as is industry standard for http and https protocols

How to reproduce

OVA PI-6, PI-7, PI-5 all use non standard ports

Deployment information

We used CloudShare for the hackathon.

Some users used VMWare Workstation also.

And we used CloudShare to share instances to share instances with users

Additional information

No response

hessio avatar Aug 10 '22 16:08 hessio

For the convenience of the Seagate development team, this issue has been mirrored in a private Seagate Jira Server: https://jts.seagate.com/browse/CORTX-33919. Note that community members will not be able to access that Jira server but that is not a problem since all activity in that Jira mirror will be copied into this GitHub issue.

cortx-admin avatar Aug 10 '22 16:08 cortx-admin

This issue/pull request has been marked as needs attention as it has been left pending without new activity for 4 days. Tagging @mukul-seagate11 for appropriate assignment. Sorry for the delay & Thank you for contributing to CORTX. We will get back to you as soon as possible.

stale[bot] avatar Aug 16 '22 02:08 stale[bot]

ova issues which are reported by community https://github.com/Seagate/cortx/issues?q=is%3Aopen+is%3Aissue+label%3Aova will be further raised to QA and QA will try to verify these issues in next sprint.

hessio avatar Aug 31 '22 14:08 hessio

Haven't observed this issue as per https://github.com/Seagate/cortx/pull/1644 Also, did you follow the correct ova instructions?

mukul-seagate11 avatar Sep 08 '22 11:09 mukul-seagate11

But @mukul-seagate11 you didn't test outside of OVA to make sure you don't need an obscure port like 31949 so this has not been checked in #1644. We need to try outside of OVA. I am downloading OVA now to test this scenario and will let you know.

hessio avatar Sep 13 '22 12:09 hessio

Ports for PI-8 OVA are now: http  30080
                                             https  30443

This will cause issue when using OVA on Cloud Providers like CloudShare when they are reluctant to open ports that are not standard.

Also s3 clients like CyberDuck won't be able to work with these ports when the OVA is hosted on CloudShare.

hessio avatar Sep 14 '22 15:09 hessio

@hessio, please refer the recommended hypervisors on which OVA images is tested in https://github.com/Seagate/cortx/blob/main/doc/ova/2.0.0/PI-8/CORTX_on_Open_Virtual_Appliance_PI-8.rst

Moreover, OVA is build as per K8s 0.12.0 version i.e. https://github.com/Seagate/cortx-re/blob/main/solutions/ova/kubernetes/ova-solution.yaml where you can check the ports which are open

mukul-seagate11 avatar Sep 14 '22 15:09 mukul-seagate11

https://github.com/Seagate/cortx/pull/1657 is validated as per latest OVA image and no issue is observed

mukul-seagate11 avatar Sep 16 '22 07:09 mukul-seagate11