Details
-
New Feature
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
MINIFI-238 introduced a C2 server that MiNiFi agents can poll for new configuration files. In order for this to be useful on a larger scale, we'll need a way to structure the servers such that they are reachable by the edge nodes while still having a central place from which to distribute changed configuration.
To that end, a delegating configuration provider should allow for arbitrary hierarchical structures of C2 servers.
A docker-compose integration test that simulates several different possible network and delegation configurations will help to prove out the concept.
Attached is an image of the integration test topology. There is a central cluster network where the authoritative C2 server resides. There is a node able to connect directly to it in the edge1 network. There is a delegating C2 server that bridges the cluster and edge2 networks. The edge2 server listens for http requests and delegates over https. There is a node on the edge3 network that requests directory from the authoritative C2 server through a squid proxy.
Attachments
Attachments
Issue Links
- is related to
-
MINIFI-238 MiNiFi Initial Command and Control Server Implementation
- Resolved
- links to