Validation deployment in the BSC cloud
I now have access to the BSC owncloud environment and can start on the requested validation deployment.
I still need to clear up some details with Jorge (e.g. what kind of proxy do they use, how do they handle domain names...) but i already have some thoughts and strategies which depend on the answeres.
Some possible changes to the deployment:
- no https/cert management by our services, this might be delegated to the proxy machine
- do not automatically deploy to the BSC cloud in any way, only do this if the task is manually triggered
- depending on how the validation environment is to be used, encryption keys could be left empty or generic
This also depends on which and how many services will be deployed via the proxy, since ports 443 and 80 may be blocked, which makes it impossible to use letsencrypt directly.
This of course also applies to the datacatalog (https://gitlab.jsc.fz-juelich.de/rybicki1/datacatalog/-/issues/50).
Edited by Christian Boettcher