Proxy Settings for RancherOS

grob4ever · September 30, 2015, 9:32pm

I’m trying to get Rancher installed on RancherOS and I’m behind a corporate proxy. I was able to get installed on a different distro by adding my proxy info to /etc/sysconfig/docker, but I can’t find that file in RancherOS. What’s the best way to add it to the cloud-config? After I run the ros config is there a way to cat out the contents to insure I have the right info? Also do I have to restart the docker container after I make the change?

Thanks,

denise · October 1, 2015, 6:38pm

FYI, this couldn’t be done in v0.3.3 because we didn’t have a persistent console. With v0.4.0 (coming out hopefully end of this week), which is a HUGE refactor of everything to make it much more usable (custom kernel, storage, perisistent console). You should be able to set up proxy settings in the user docker daemon. This would have to be done in the ubuntu or debian console and we’ll be including how to do it in the documentation.

Shuliyey · November 12, 2015, 3:30am

Hi

Can this be done in the latest release of rancher.iso.

I’m trying to install racheros onto hard disk. I’ve configured all static ip, dns and etc.

But our network is behind corporate firewall. I’ve tried setting http_proxy. But I still get network timeouts. when trying to pull the image.

The other problem I can think of is that our corporation actually captures the ssl certification and swap to its own proxyserver generated certificate.

Is there a way to install ssl certificate, so rancheros is able to pull the image?

e.g. to install a certificate in ubuntu
we put the certificate to /usr/local/share/ca-certificates

sudo cp foo.crt /usr/local/share/ca-certificates/foo.crt.

Then you do

sudo update-ca-certificates. And everything will be handled

Or is there a manual process to docker pull the latest rancher/os on another machine, and scp the image up to rancheros. so during the installation, so “ros install” could install from a local copy of the rancheros image.

Shuliyey · November 12, 2015, 7:03am

Hi,

I managed to find a work around on this one.

I docker pulled rancher/os:v0.4.0 from another machine and exported the image as tar file.

then I scp this tar file up and imported into the system-docker of the booted rancher/os

scp <tar> rancher@<ip>:~/
cat <tar> | sudo system-docker import - rancher/os:v0.4.0
sudo system-docker restart docker

This way I can get a local copy of rancher/os:v0.4.0. So I can carry on with the rancher/os installation, so the next step is to install rancheros onto disk

sudo ros install -c cloud-config.yml -d /dev/sda

So now I no longer get the complaint on not being able to pull rancher/os:v0.4.0

I was able to get to the disk partitioning stage. Then I get this error about “-d” not found in PATH.

I presume the latest rancher/os:v0.4.0 (os-install) have bugs?
I posted this problem on github issues page https://github.com/rancher/os/issues/645

Or is it that I just can’t install rancher/os as VM on Hyper-V

denise · November 13, 2015, 7:02pm

I know you’ve found a workaround, but here’s the documenation on how v0.4.0 supports proxy settings in user docker.

http://docs.rancher.com/os/configuration/docker/#proxy-settings

Shuliyey · December 19, 2015, 2:41am

you are right denise.

I actually tried setting proxy for both the user level and system level

sudo ros config set rancher.system_docker.environment '[http_proxy=<proxy>, https_proxy=<proxy>]'
sudo ros config set rancher.docker.environment '[http_proxy=<proxy>, https_proxy=<proxy>'
# restart docker daemon for proxy to take effect
sudo system-docker restart docker

I also added our corporate’s firewall proxy certificate to rancher’s trusted certificate

sudo -i -u root
cat <crt> >> /etc/ssl/certs/ca-certificates.crt

I verified I can now pull docker images down from user level docker

docker pull debian

how ever the system level docker still doesn’t work

sudo system-docker pull debian

because ros install actually uses system-docker to pull the rancher/os:v0.4.0, hence it won’t work, if the system-docker still can’t pull the images

In the end i still used the work around,

# pull the docker image from user level docker
docker pull rancher/os:v0.4.0
# export the rancher/os:v0.4.0 image to a tar file
docker save rancher/os:v0.4.0 > rancheros.tar
# import the rancher/os:v0.4.0 image tar file to system-docker level
sudo system-docker load < rancheros.tar
# you can verify that the system-docker does contain the rancher/os:v0.4.0 image
sudo system-docker images
# now the ros install works
sudo ros install -c cloud-config.yml -d /dev/sda

I think I saw some thread, some people saying to set the system-docker level proxy, you can edit some file which sets the proxy at kernel level. But I haven’t tried that

Topic		Replies	Views
How to configure proxy on the user level docker? RancherOS	6	6514	October 14, 2015
RancherOS behind corporate proxy RancherOS	3	5513	January 19, 2016
Custom PROXY TLS Certificate for Authentication RancherOS	0	746	February 7, 2019
Configure rancheros for private registry RancherOS	4	2072	February 12, 2018
Install guide for Rancher on RancherOS	10	5916	June 17, 2016

Proxy Settings for RancherOS

Related Topics