Issue #11792: Maybe give access to the Fedora mirror volumes to Openshift pods? - fedora-infrastructure

fedora-infrastructure

#11792 Maybe give access to the Fedora mirror volumes to Openshift pods?

Closed: Fixed with Explanation 2 months ago by kevin. Opened 2 months ago by abompard.

Following #11765, I'd like to give the openshift pods in staging and prod read-only access to Fedora's NFS volumes containing the primary mirror:

ntap-iad2-c02-fedora01-nfs01a:/fedora_ftp/fedora.redhat.com/pub
ntap-iad2-c02-fedora01-nfs01a:/fedora_ftp_archive

I don't think there would be any security issue with this as it's a read-only access to something that we publish on the internet anyway. Could there be a significant risk of DOS maybe?

Unless I'm mistaken the Openshift IP range is 10.3.163.65-10.3.163.73 in prod and 10.3.166.50-10.3.166.58 in staging.

Metadata Update from @zlopez:
- Issue priority set to: Waiting on Assignee (was: Needs Review)
- Issue tagged with: high-gain, low-trouble, ops

2 months ago

Metadata Update from @kevin:
- Issue assigned to kevin

2 months ago

kevin commented 2 months ago

ok. I added those for read-only access.

Metadata Update from @kevin:
- Issue close_status updated to: Fixed with Explanation
- Issue status updated to: Closed (was: Open)

2 months ago

Metadata

Assignee

kevin

Tags

Blocking

None

Depending on

None

Priority

Waiting on Assignee

Boards 1

ops Status: Backlog

fedora-infrastructure

Source Code

#11792 Maybe give access to the Fedora mirror volumes to Openshift pods? Closed: Fixed with Explanation 2 months ago by kevin. Opened 2 months ago by abompard.

Metadata

low-trouble high-gain ops

Boards 1

#11792 Maybe give access to the Fedora mirror volumes to Openshift pods?

Closed: Fixed with Explanation 2 months ago by kevin. Opened 2 months ago by abompard.