Red Hat Bugzilla – Bug 1267227
Section 1.1 - Capsule Architecture Statement is misleading
Last modified: 2016-07-14 20:29:38 EDT
Document URL: https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/6.1/html-single/Installation_Guide/index.html#sect-Red_Hat_Satellite-Installation_Guide-RednbspHat_Satellite_6_System_Architecture
Section Number and Name: 1.1. Red Hat Satellite 6 System Architecture
Describe the issue: Section 1.1 states:
Capsule Servers ... The communication between the Capsule Server and the Satellite Server is secured through a single network connection, which greatly reduces the complexity of firewall configuration.", which implies that the communication between the Satellite and Capsule uses a single port, which is incorrect. Communication between the clients and Satellite is routed via the Satellite Capsule, so that the Capsule is the only entity that connects to the Satellite.
Suggestions for improvement:
This statement should be amended as such.
Capsule Servers ... The communication between clients registered via a Capsule Server and the Satellite Server is routed single network connection, which greatly reduces the complexity of firewall configuration."
See https://access.redhat.com/articles/1447533 for additional details.
The communication between the managed Host and the Satellite Server is routed through the Capsule. There are multiple services managed by the Capsule, on behalf of the managed hosts. Many of these services use dedicated TCP ports. The Capsule ensures that a single source IP address is used for all communications from the Host to the Satellit e Server via the Capsule. Proxying all host communications through the Capsule simplifies FW administration. Most sessions are initiated by the host / Capsule, with some exceptions noted in the documentation
This content is now live on the Customer Portal.