Uploaded image for project: 'Data Management'
  1. Data Management
  2. DM-34492

Push up the list of TAP servers as a chart/phalanx parameter

    XMLWordPrintable

    Details

    • Type: Story
    • Status: To Do
    • Resolution: Unresolved
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None

      Description

      (Apologies if there is already a ticket for this, mark as duplicate if so) 

      I'd like to be able to configure at minimum the endpoint of the Rubin TAP server or, better, entire list of offered TAP servers through phalanx (ie it needs to be a helm chart parameter). 

       

        Attachments

          Issue Links

            Activity

            Hide
            frossie Frossie Economou added a comment - - edited

            Admittedly part of the motivation is to eg. point the data-dev portal to the data-int TAP server, and I am sure that raises a whole can of worms that Russ Allbery or Christine Banek can tell me all about becase auth. 

            Show
            frossie Frossie Economou added a comment - - edited Admittedly part of the motivation is to eg. point the data-dev portal to the data-int TAP server, and I am sure that raises a whole can of worms that Russ Allbery  or Christine Banek  can tell me all about becase auth. 
            Hide
            rra Russ Allbery added a comment -

            We currently have no mechanism for the data-dev Portal to authenticate to the data-int TAP server. Doing that would require either a way for a user to upload a personal bearer token to the Portal for the Portal to use, or a really substantial change to our authentication infrastructure to allow federated token auth.

            Show
            rra Russ Allbery added a comment - We currently have no mechanism for the data-dev Portal to authenticate to the data-int TAP server. Doing that would require either a way for a user to upload a personal bearer token to the Portal for the Portal to use, or a really substantial change to our authentication infrastructure to allow federated token auth.
            Hide
            gpdf Gregory Dubois-Felsmann added a comment -

            Yes, Frossie Economou, this was a double duplicate. The original ticket is DM-31444 and DM-33531 had also been filed on the same point.

            Show
            gpdf Gregory Dubois-Felsmann added a comment - Yes, Frossie Economou , this was a double duplicate. The original ticket is DM-31444 and DM-33531 had also been filed on the same point.
            Hide
            gpdf Gregory Dubois-Felsmann added a comment -

            Russ Allbery The request underlying Frossie Economou's 2022-04-19 comment was to be able to point the data-dev TAP server at the data-int Qserv server. Since that (internal-to-the-RSP) connection is not authenticated, to my knowledge, your concern probably doesn't apply?

            Christine Banek, is it possible via chart config to point the data-dev TAP server at the data-int Qserv instance? If so, we can discuss on Thursday when it might be useful to do so.

            Show
            gpdf Gregory Dubois-Felsmann added a comment - Russ Allbery The request underlying Frossie Economou 's 2022-04-19 comment was to be able to point the data-dev TAP server at the data-int Qserv server. Since that (internal-to-the-RSP) connection is not authenticated, to my knowledge, your concern probably doesn't apply? Christine Banek , is it possible via chart config to point the data-dev TAP server at the data-int Qserv instance? If so, we can discuss on Thursday when it might be useful to do so.
            Hide
            rra Russ Allbery added a comment - - edited

            It looks like this may not have been answered here, although I think we discussed it in a meeting. To change where the TAP server points, set qserv.host in the relevant values-*.yaml in services/tap to the hostname and port to use. Note that accessing the data-int qserv will require firewall changes on the qserv side to allow access from the data-dev cluster.

            Show
            rra Russ Allbery added a comment - - edited It looks like this may not have been answered here, although I think we discussed it in a meeting. To change where the TAP server points, set qserv.host in the relevant values-*.yaml in services/tap to the hostname and port to use. Note that accessing the data-int qserv will require firewall changes on the qserv side to allow access from the data-dev cluster.

              People

              Assignee:
              roby Trey Roby
              Reporter:
              frossie Frossie Economou
              Watchers:
              Christine Banek, Frossie Economou, Gregory Dubois-Felsmann, Loi Ly, Russ Allbery
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:

                  Jenkins

                  No builds found.