We are using a VIP for the deployment server uri, as it needs to be on a low port to survive firewalls, and is easier to configure in our infrastructure.
Is deployment server completely REST based? I'm seeing some strange errors when going through the VIP, which is handling the SSL, not just forwarding the port:
01-25-2011 19:10:58.138 WARN NetUtils - Bad select_for_loop rv = -2
01-25-2011 19:10:58.138 WARN HTTPClient - Error when reading from uri:
deployment-server.client.com:443, nbytes: -2, downloaded so far: 10240
01-25-2011 19:10:58.138 WARN DeployedApplication - There was a problem
downloading from uri=deployment-server.client.com:443,
So you have turned off SSL on the Deployment Server? Have you also installed appropriate new SSL CA certificates on the Deployment Clients?
SSL is running. The VIP/LB magically made it work. It's not clear whether it is acting as an https proxy or simply stepping in the way of the SSL.
The behavior is this:
1. First round of downloads and deployments work fine, though with the errors seen above.
2. On changes, deploymentclient determines it needs new apps and seems to download them into var/run/CLASSNAME
3. There is a new error saying the expected bundle could not be found in var/run/CLASSNAME, with a different integer in the name than expected.
In the end, we used a different port and forwarded the socket.