Hi,
I created a RKE cluster, then installed cert-manager and rancher on it.
It worked, but the catalog reading failed, I got the error from the git clone line.
I checked all nodes and git clone works fine, behind a proxy.
So I guessed it was an internal Rancher configuration as I forgot to put --set proxy=… and --set noProxy=… in the helm install command line, as suggested here.
BTW it would be useful to put it before the install instructions and not after.
That docs says I have to put all IP addresses from nodes in the noProxy. Can’t I just add the fqdn or a wildcard like “cluster.mydomain” in the noProxy parameter?
This other doc mentioned I should set the HTTP_PROXY and the HTTPS_PROXY env var, but where? On each node?
I already configured the proxy for docker in systemd ans thought it was enough.
Thanks for your help, this software is awesome timesaver.
I have found that setting HTTP_PROXY on the node does not work for rancher itself. It will allow docker out but not rancher so things like catalog refresh fails. To get around this I modify the rancher deployment.
In the system project, edit in yaml the rancher deployment in the cattle-system namespace. I add the proxy setting in this section like so:
containers:
- args:
- --http-listen-port=80
- --https-listen-port=443
- --add-local=auto
env:
- name: CATTLE_NAMESPACE
value: cattle-system
- name: CATTLE_PEER_SERVICE
value: rancher
name: HTTPS_PROXY
value: http://proxy.domain.com:8080
- name: HTTP_PROXY
value: http://proxy.domain.com:8080
- name: NO_PROXY
value: localhost,127.0.0.1,0.0.0.0,10.0.0.0/8,192.168.10.0/24
image: rancher/rancher:v2.3.5
Thanks a lot for this information. I don’t have this file in my process as I use the official Rancher doc, I deployed Rancher with Helm.
I also deploy rancher via helm. You can edit the deployment right from the browser using the rancher interface.
OK, but how can I access the Rancher UI before deploying Rancher?
You cant. Modify it after deployment is complete. Im sure there is a way to modify it before deployment but I dont know how.
Hi, thank you for your help, I found how to do it, I just updated Rancher with the --set proxy parameter, as Rancher was already up to date, it fixed my proxy problem.