Cannot configure DO machine driver

1

Although following http://rancher.com/docs/rancher/v1.6/en/hosts/digitalocean/
I get a 403 from digital ocean, with the following content

Request headers

:authority:foo.bar
:method:GET
:path:/v2-beta/proxy/api.digitalocean.com/v2/regions?per_page=100
:scheme:https
accept:application/json
accept-encoding:gzip, deflate, br
accept-language:de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4,es;q=0.2,it;q=0.2
cache-control:no-cache
cookie:__cfduid=IDBLACKEDOUT; PL=rancher; token=TOKENBLACEKDOUT; CSRF=BALCKEDOUT
pragma:no-cache
referer:https://foo.bar/env/1a5/infra/hosts/add?driver=digitalocean
user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36
x-api-auth-header:Bearer BLACKEDOUT

Response headers

cache-control:max-age=8
cf-ray:381065315c3c52d8-MIA
content-encoding:gzip
content-type:text/html; charset=UTF-8
date:Wed, 19 Jul 2017 20:22:52 GMT
expires:Wed, 19 Jul 2017 20:23:00 GMT
server:cloudflare-nginx
status:403
x-api-account-id:1a1
x-api-schemas:https://foo.bar/v2-beta/schemas
x-api-user-id:1a1
x-frame-options:SAMEORIGIN
x-rancher-version:v1.6.4

Any clues, why this is happening?

2

Wrong DO API key, or cloudflare is breaking something…

3

Thanks! I haven’t noticed the role cloudflare could play in here. But what possibly could make cloudflare block my instance? Are there some standard candidates to look for? Or could you point me to a documentation entry point for understanding the lower level details of api auth?

Otherwise, i could have no possible explanation why the api key should get corrupted while copying…

4

The driver isn’t involved here, that’s just the UI making a request to the DO API through the rancher/server to read the list of regions. The actual docker-machine driver doesn’t get involved until you submit.

I have no idea what CloudFlare is changing if anything, but it’s a thing in the path that could be adding/removing/changing headers or the body. I would get a tcpdump of what is actually received by and sent from the server container.