Re: Identifying all DEA's on a CF install


john mcteague <john.mcteague@...>
 

We have components that are co deployed with DEAs that form part of an
application level encryption and security framework that talk to an
external service. That service validates that requests came from a valid
DEA.

John.

On 8 Dec 2015 02:59, "Amit Gupta" <agupta(a)pivotal.io> wrote:

Maybe you can explain the problem you're trying to solve.

You're not just trying to find the VMs which are DEAs, you need to be able
to do this constantly and programmatically. What's the actual overall goal
here, why do you need to do this?

Thanks,
Amit

On Mon, Dec 7, 2015 at 2:38 PM, Curry, Matthew <Matt.Curry(a)allstate.com>
wrote:

I believe you could use the BOSH API:

https://bosh.io/docs/director-api-v1.html#list-vms-detailed

From: john mcteague <john.mcteague(a)gmail.com>
Reply-To: "Discussions about Cloud Foundry projects and the system
overall." <cf-dev(a)lists.cloudfoundry.org>
Date: Monday, December 7, 2015 at 3:29 PM
To: "Discussions about Cloud Foundry projects and the system overall." <
cf-dev(a)lists.cloudfoundry.org>
Subject: [cf-dev] Re: Re: Identifying all DEA's on a CF install

I hadnt considered that. I see that there are now docs for the BOSH api,
however is the BOSH api suited to concurrent access by multiple processes?
We are writing a component that will need to frequently validate that a
particular machine is a DEA.

On Mon, Dec 7, 2015 at 10:26 PM, Amit Gupta <agupta(a)pivotal.io> wrote:

What about with BOSH?

On Mon, Dec 7, 2015 at 2:17 PM, john mcteague <john.mcteague(a)gmail.com>
wrote:

I am trying to enumerate all the ways I could identify all the DEA's in
a CF cluster in an IAAS agnostic way (e.g. not querying Openstack to read
metadata on the VM's that list the job type).

I think the only reliable way is to listen on NATS and look for the DEA
advertisement messages. Am I correct or is there a method I am missing (I'd
rather call and API rather than subscribe to NATS)?

Thanks,
John

Join cf-dev@lists.cloudfoundry.org to automatically receive all group messages.