Service Catalog behind corp proxy

Even when the service catalog is disabled in the UI’s settings we still see:

fatal: unable to access 'https://github.com/rancher/rancher-catalog.git/': Failed to connect to github.com port 443: Connection timed out

This is similar to Failed to clone the catalog from githubexit status 128

When adding a custom catalog the clone also times out, presumably because the host is not in no_proxy. The setting there also doesn’t appear to stick as a result.

Would someone be able to confirm if http_proxy and no_proxy for this operation are inherited from the docker service proxy configuration? Will a git clone work if the proxy is configured correctly? For github.com if this is supported we have HTTP_PROXY set in /etc/systemd/system/docker.service.d/http-proxy.conf but does not appear to be used with this operation.

try starting rancher/server with "-e http_proxy=http://your.proxy "

Hey @ebishop is that method still current? From a certain version I believe rancher will use the docker service’s proxy (http://docs.rancher.com/rancher/installing-rancher/installing-server/). @denise or is this perhaps an exception?

I run one rancher server instance in a lab where a proxy is required most of the time. I couldn’t get the catalog to load and when I passed in the http_proxy env variable it worked as I remember. Now I always start that instance and pass in http_proxy. So apparently, it won’t hurt anything.

Ah cool - which version was that with?

version 59.0, and I set http_proxy and https_proxy

This sounds like we need to investigate in regards to catalog.

I’ll be using this Github issue to track.

https://github.com/rancher/rancher/issues/3664

FYI, I’ve confirmed with @ibuildthecloud that we need to pass in the environment variables in order to get Rancher catalog working.

http://docs.rancher.com/rancher/installing-rancher/installing-server/#http-proxy

I’ve updated the docs to reflect this.