nexus phone home to rhc.sonatype.com ?

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

nexus phone home to rhc.sonatype.com ?

hanasaki
CONTENTS DELETED
The author has deleted this message.
Reply | Threaded
Open this post in threaded view
|

Re: nexus phone home to rhc.sonatype.com ?

Stuart McCulloch-2
On 11 Apr 2014, at 18:10, hanasaki <[hidden email]> wrote:

> Running the current version 2.8 of Nexus open source.
> The server has no external connectivity and is reporting the below error and failing to start.
>
> What is it trying to communicate back to sonatype

The "Repository Health Check" chapter of the Nexus book discusses this feature:

        http://books.sonatype.com/nexus-book/reference/rhc.html

and this KB article explains more about what exactly is sent:

        https://support.sonatype.com/entries/40568578-How-does-the-Analyze-button-generate-a-Remote-Health-Check-report-

Note that this feature is disabled by default, the scheduled task is only added when the health check feature is explicitly enabled on one or more repositories.

> and how can it be configured to 1. not send information back to sonatype and 2. start on an internal network without external connect out permissions?

Select the repository(in this case central) in the repository view, click on the ‘health check’ tab in the lower panel, and set enabled to false:

        http://books.sonatype.com/nexus-book/reference/_enabling_repository_health_check.html 

save the configuration and the scheduled task that runs the repository health check will be removed (you can verify this by checking the scheduled tasks view).

> jvm 1    | 2014-04-10 09:08:53 WARN  [pxpool-1-thread-4] *TASK com.sonatype.nexus.plugins.healthcheck.task.HealthCheckTask - Scheduled task (Health Check: central) failed :: Health Check Management for Repository central (started 2014-04-10T09:08:53-05:00, runtime 0:00:00.044)
> jvm 1    | org.apache.http.conn.HttpHostConnectException: Connect to rhc.sonatype.com:443 [rhc.sonatype.com] failed: Connection refused
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: nexus phone home to rhc.sonatype.com ?

hanasaki
CONTENTS DELETED
The author has deleted this message.
Reply | Threaded
Open this post in threaded view
|

Re: nexus phone home to rhc.sonatype.com ?

Stuart McCulloch-2
On 17 Apr 2014, at 04:16, hanasaki <[hidden email]> wrote:

> *From:* Stuart McCulloch <[hidden email]>
> *Sent:*  Friday, April 11, 2014 12:39PM
> *To:* [hidden email]
> *Subject:* Re: [nexus-user] nexus phone home to rhc.sonatype.com ?
>
> The system actually fails to start based on what appears to be unhandled exceptions that bubble to the top.  Fortunately, the healthcheck properties file in the conf dir can be manually edited and the properties in it changed from "true" to "false".  This allows startup; however the system is smart enough to know it has registered to sonatype for health check notifications on the sonatype server rhc and therefore generates warning msg in the log files (failed to unregister).

Could you paste the exact warning message? (I assume it’s different to the warning message in your earlier email which came from a scheduled task - if it is the same then deleting this task from the UI should resolve this)

> * Is there a way to unregister healthcheck configurations without temporarily enabling Internet accessibility?

First check Scheduled Tasks in case there are any leftover health check tasks (when I tested this locally with 2.8.0-05 the tasks were removed when I set the flags to false in healthcheck.properties, but best check in case)

Next go to the Capabilities page and check to see if you have the “Health Check” capability added (performs health check for your local proxy repositories) - if you do then either disable or remove this capability.

You may also want to disable or remove the “Outreach” capability which serves up external documentation/support content on the welcome page: http://books.sonatype.com/nexus-book/reference/nexus-outreach-plugin.html

> * Am I deducing correctly that installs of nexus register their hosted repository information with a central directory server at sonatype?

No, the OSS version of Nexus only supports health check for supported proxy repositories such as Maven Central, and this only happens if someone has either explicitly installed and enabled the Health Check capability, or enabled Health Check for a specific proxy repository. Nexus OSS does not run health check over hosted repositories. Furthermore it does not register the repository with a directory server, instead it runs a scheduled task which gathers anonymised artifact information (hashes, etc.) for any artifacts that have been downloaded from the proxy repository (ie. Maven Central). It then sends an archive of these hashes for processing at Sonatype.

> What locally hosted repository information from a private internal repository I created is transfered off our server to Sonatype and where else is it shared?  Jar file names? contents? pom, dependency, license information?

In the OSS version of Nexus it only runs Health Check against supported proxy repositories (Maven Central) not your own hosted repositories. Health Check only sends hashes (such as the SHA checksum of the jar) as well as last access time and a sanitised form of the original proxy path (in this case the path of the artifact on Maven Central). It also sends some basic sanitised details of the JVM and OS (just type and version) that Nexus is running on.

> Basically our server was setup and configured with access to prime caches, experiment and test and then moved behind a firewall and prohibited Internet access.
>
> On 04/11/2014 12:39 PM, Stuart McCulloch wrote:
>> On 11 Apr 2014, at 18:10, hanasaki <[hidden email]> wrote:
>>
>>> Running the current version 2.8 of Nexus open source.
>>> The server has no external connectivity and is reporting the below error and failing to start.
>>>
>>> What is it trying to communicate back to sonatype
>>
>> The "Repository Health Check" chapter of the Nexus book discusses this feature:
>>
>> http://books.sonatype.com/nexus-book/reference/rhc.html
>>
>> and this KB article explains more about what exactly is sent:
>>
>> https://support.sonatype.com/entries/40568578-How-does-the-Analyze-button-generate-a-Remote-Health-Check-report-
>>
>> Note that this feature is disabled by default, the scheduled task is only added when the health check feature is explicitly enabled on one or more repositories.
>>
>>> and how can it be configured to 1. not send information back to sonatype and 2. start on an internal network without external connect out permissions?
>>
>> Select the repository(in this case central) in the repository view, click on the ‘health check’ tab in the lower panel, and set enabled to false:
>>
>> http://books.sonatype.com/nexus-book/reference/_enabling_repository_health_check.html
>>
>> save the configuration and the scheduled task that runs the repository health check will be removed (you can verify this by checking the scheduled tasks view).
>>
>>> jvm 1    | 2014-04-10 09:08:53 WARN  [pxpool-1-thread-4] *TASK com.sonatype.nexus.plugins.healthcheck.task.HealthCheckTask - Scheduled task (Health Check: central) failed :: Health Check Management for Repository central (started 2014-04-10T09:08:53-05:00, runtime 0:00:00.044)
>>> jvm 1    | org.apache.http.conn.HttpHostConnectException: Connect to rhc.sonatype.com:443 [rhc.sonatype.com] failed: Connection refused
>>>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: nexus phone home to rhc.sonatype.com ?

Peter Lynch-2
In reply to this post by hanasaki



On Thu, Apr 17, 2014 at 12:16 AM, hanasaki <[hidden email]> wrote:
*From:* Stuart McCulloch <[hidden email]>
*Sent:*  Friday, April 11, 2014 12:39PM
*To:* [hidden email]
*Subject:* Re: [nexus-user] nexus phone home to rhc.sonatype.com ?

The system actually fails to start based on what appears to be unhandled exceptions that bubble to the top.  Fortunately, the healthcheck properties file in the conf dir can be manually edited and the properties in it changed from "true" to "false".  This allows startup; however the system is smart enough to know it has registered to sonatype for health check notifications on the sonatype server rhc and therefore generates warning msg in the log files (failed to unregister).

* Is there a way to unregister healthcheck configurations without temporarily enabling Internet accessibility?

* Am I deducing correctly that installs of nexus register their hosted repository information with a central directory server at sonatype? What locally hosted repository information from a private internal repository I created is transfered off our server to Sonatype and where else is it shared?  Jar file names? contents? pom, dependency, license information?

Basically our server was setup and configured with access to prime caches, experiment and test and then moved behind a firewall and prohibited Internet access.


 

 

On 04/11/2014 12:39 PM, Stuart McCulloch wrote:
On 11 Apr 2014, at 18:10, hanasaki <[hidden email]> wrote:

Running the current version 2.8 of Nexus open source.
The server has no external connectivity and is reporting the below error and failing to start.

What is it trying to communicate back to sonatype

The "Repository Health Check" chapter of the Nexus book discusses this feature:

        http://books.sonatype.com/nexus-book/reference/rhc.html

and this KB article explains more about what exactly is sent:

        https://support.sonatype.com/entries/40568578-How-does-the-Analyze-button-generate-a-Remote-Health-Check-report-

Note that this feature is disabled by default, the scheduled task is only added when the health check feature is explicitly enabled on one or more repositories.

and how can it be configured to 1. not send information back to sonatype and 2. start on an internal network without external connect out permissions?

Select the repository(in this case central) in the repository view, click on the ‘health check’ tab in the lower panel, and set enabled to false:

        http://books.sonatype.com/nexus-book/reference/_enabling_repository_health_check.html

save the configuration and the scheduled task that runs the repository health check will be removed (you can verify this by checking the scheduled tasks view).

jvm 1    | 2014-04-10 09:08:53 WARN  [pxpool-1-thread-4] *TASK com.sonatype.nexus.plugins.healthcheck.task.HealthCheckTask - Scheduled task (Health Check: central) failed :: Health Check Management for Repository central (started 2014-04-10T09:08:53-05:00, runtime 0:00:00.044)
jvm 1    | org.apache.http.conn.HttpHostConnectException: Connect to rhc.sonatype.com:443 [rhc.sonatype.com] failed: Connection refused


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]