Search code examples
rhelopenshift-origin

Proxy configuration for OpenShift Origin

I am setting up an OpenShift origin server. The configurations I do heavily relies on the walkthrough description:

https://github.com/openshift/origin/blob/master/examples/sample-app/README.md

After creating a project, I add a new app like this (successfully):

oc new-app centos/ruby-22-centos7~https://github.com/openshift/ruby-hello-world.git

OpenShift tries to build immediatelly, only to fail as follows:

F0222 15:24:58.504626 1 builder.go:204] Error: build error: fatal: unable to access 'https://github.com/openshift/ruby-hello-world.git/': Failed connect to github.com:443; Connection refused

I consulted the documentation about the proxy configuration:

https://docs.openshift.com/enterprise/3.0/admin_guide/http_proxies.html#git-repository-access

Concluded that I can simply edit the YAML descriptor for this specific app to include my corporate proxy.

...
source:
  type: Git
  git:
    uri: "git://github.com/openshift/ruby-hello-world.git"
    httpProxy: http://proxy.example.com
    httpsProxy: https://proxy.example.com
...

With that change the build proceeds.

Can the HTTP proxy be configured system wide?

Note: again, I simply downloaded the binaries (client, server), did not install via ansible. And I did not find relevant properties openshift.local.config folder, inside my server binary folder.

Solution

  • After some time I now know enough to answer my own question. There are two places where one needs to deal with corporate proxy settings.

    Docker This thread will tell you what to do in detail:

    Cannot download Docker images behind a proxy

    In my case on RHEL 7.2 I needed to edit this file: /etc/sysconfig/docker I had to add the following entries:

    HTTP_PROXY="http://proxy.company.com:4128"
HTTPS_PROXY="http://proxy.company.com:4128"

    Then a restart of the docker service was necessary.

    Origin Proxy What I missed originally was the place to configure our corporate proxy settings. Currently I have a cluster (1 master, 1 node) installed via ansible.

    These are the relevant files to edit on the servers: * /etc/sysconfig/origin-master * /etc/sysconfig/origin-node

    There already placeholders in this file:

    #NO_PROXY=master.example.com
#HTTP_PROXY=http://USER:PASSWORD@IPADDR:PORT
#HTTPS_PROXY=https://USER:PASSWORD@IPADDR:PORT

    Documentation:

    https://docs.openshift.org/latest/install_config/http_proxies.html