2 Replies Latest reply on Mar 21, 2012 6:40 PM by timgstewart

    Running fuse behind a firewall

    timgstewart
    timgstewart Mar 20, 2012 12:24 PM

      I'd like to be able to run the ESB from behind a firewall with no outbound port 80 access.  Currently, it reaches out and installs optional features, bundles and dependencies dynamically on first startup.  I'd like to have these in my local repository instead, and remove the dependency on remote servers.

       

      Is there an easy way to get the bundles that are downloaded from a running configured server and copy those into my local repo?  It seems that the data/cache folder is laid out differently than a repository, and I don't know of any easy way to calculate the dependencies of a runtime setup.

       

      Also, if the server does not have access to the remote XSD files for spring and blueprint (or others) would this cause me problems on a running server?

       

      Thanks in advance.

       

      - Tim Stewart.

      • 96 Views
      • Tags:
        • 1. Re: Running fuse behind a firewall
          ffang
          ffang Mar 20, 2012 8:51 PM (in response to timgstewart)

          Hi,

           

          The general solution should be setup a proxy server like nexus, you can access the nexus server in your intranet, and the nexus server can go through your firewall to connect the internet and download artifacts on demand.

           

          Or if you have fuse subscription you can ask for the offline repo we build, which typically resolve the scenario you encounter.

           

          For the offline xsd access issue, the spring should be fine, as we always ship local xsds.

          For the blueprint, you MAY encounter an issue which is caused by a known and fixed aries issue, it should be shipped by future FUSE ESB release, if you have fuse subscription you can use that channel to get quick help.

           

          Freeman

            • Actions
          • 2. Re: Running fuse behind a firewall
            timgstewart
            timgstewart Mar 21, 2012 6:40 PM (in response to ffang)

            Thanks for the good response.

             

            We're in the process of trying to get a support license, so the fusesource offline repository isn't available to me as an option.

             

            We do have a corporate proxy similar to nexus, but it has a time-limited cache of the artifacts pulled from cached repositories.  It is also a dev system here, so isn't considered a mission critical production system.

             

            Rather than set something up that is production worthy, I've gone through the logs of a new installation and extracted all the "Resolving [mvn:..." lines.  I massaged that data into a pom of dependencies and used maven to download the artifacts into my local repository.  I will then copy that into the fuse local-repo folder.

             

            It is a bit of overkill, since some of those are already in the system/default repository in fuse, and some are plugin and build-related artifacts that maven downloaded but fuse doesn't needed.... but for now it will allow me to push this build into test quickly enough.  I'll tailor it down or come up with another solution later.

             

            Basically I've built my own "offline repository" that has all the artifacts I need to run, and then some.

             

            Thanks again for the response.

              • Actions