Rancher 2 behind Proxy with FQDN

Hi,
I created a RKE cluster, then installed cert-manager and rancher on it.
It worked, but the catalog reading failed, I got the error from the git clone line.
I checked all nodes and git clone works fine, behind a proxy.
So I guessed it was an internal Rancher configuration as I forgot to put --set proxy=… and --set noProxy=… in the helm install command line, as suggested here.
BTW it would be useful to put it before the install instructions and not after.
That docs says I have to put all IP addresses from nodes in the noProxy. Can’t I just add the fqdn or a wildcard like “cluster.mydomain” in the noProxy parameter?
This other doc mentioned I should set the HTTP_PROXY and the HTTPS_PROXY env var, but where? On each node?
I already configured the proxy for docker in systemd ans thought it was enough.
Thanks for your help, this software is awesome timesaver.

I have found that setting HTTP_PROXY on the node does not work for rancher itself. It will allow docker out but not rancher so things like catalog refresh fails. To get around this I modify the rancher deployment.

In the system project, edit in yaml the rancher deployment in the cattle-system namespace. I add the proxy setting in this section like so:

     containers:
  - args:
    - --http-listen-port=80
    - --https-listen-port=443
    - --add-local=auto
    env:
    - name: CATTLE_NAMESPACE
      value: cattle-system
    - name: CATTLE_PEER_SERVICE
      value: rancher
    name: HTTPS_PROXY
      value: http://proxy.domain.com:8080
    - name: HTTP_PROXY
      value: http://proxy.domain.com:8080
    - name: NO_PROXY
      value: localhost,127.0.0.1,0.0.0.0,10.0.0.0/8,192.168.10.0/24
    image: rancher/rancher:v2.3.5
1 Like

Thanks a lot for this information. I don’t have this file in my process as I use the official Rancher doc, I deployed Rancher with Helm.

I also deploy rancher via helm. You can edit the deployment right from the browser using the rancher interface.

OK, but how can I access the Rancher UI before deploying Rancher?

You cant. Modify it after deployment is complete. Im sure there is a way to modify it before deployment but I dont know how.

Hi, thank you for your help, I found how to do it, I just updated Rancher with the --set proxy parameter, as Rancher was already up to date, it fixed my proxy problem.