Installing using docker-compose behind a proxy
Closed this issue · 16 comments
I'm trying to install the provisioner on a server behind a proxy.
It is not functioning because, in spite the fact that I've already set the proxies variables both in the environment and also into the docker.service, while trying to download and install the images of the containers nothing is ok cause they cannot contact the github server; for instance.
Do you have any idea on how to solve that issue?
Best regards
Hi @glycerin-ce, any chance you would be able to post some logs or error messages you're seeing?
Sorry, we definitely didn't architect this sandbox with proxies in mind.
Hi @jacobweinstock .
Thanks for giving me support.
I'll attach here the logs using a fresh copy of the project.
Please tell me if is correct in this way.
d25829fa0d500f5a3165a5ba20b769f02cc6399d16a612d56f0b984c0bfce9bb-json.log
310662bff70221a1ea97b125fb053af0fe9c2b578b8320318f9920eb565be42e-json.log
9ae332e1eeebdc9945c0e703fb0637e6851a3bd7c2ad444e8c2553426a581237-json.log
docker-compose_logs.txt
25c5f300e28cfc774797ffff1f1d22806c3360d38d8604d6759e1e321f46852a-json.log
3d9b5aa8b05cb98fc1bc743bbe9c9498722f91b0a15c131401814b1f46bf52b7-json.log
d030dbc3e2d83f2e1d36ec7ccdc804ddae6c911d1d641eea0e9485522576ca80-json.log
Take in count that I have already set the proxy conf in the /etc/systemd/system/docker.service.d/http-proxy.conf.
Please. Tell me if you need more information.
Thanks in advance.
Here you are the containers:
:# docker container ls#
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d030dbc3e2d8 quay.io/tinkerbell/hegel:sha-89cb9dc8 "/usr/bin/hegel" 37 minutes ago Up 37 minutes 0.0.0.0:50060-50061->50060-50061/tcp, :::50060-50061->50060-50061/tcp compose_hegel_1
8acdb91b2084 quay.io/tinkerbell/tink-cli:sha-3743d31e "/bin/sh -c 'sleep i…" 37 minutes ago Up 37 minutes compose_tink-cli_1
d25829fa0d50 quay.io/tinkerbell/boots:sha-36f12f81 "/usr/bin/boots -dhc…" 37 minutes ago Up 27 seconds compose_boots_1
962c5416dbe0 quay.io/tinkerbell/tink:sha-3743d31e "/usr/bin/tink-server" 37 minutes ago Up 37 minutes (healthy) 0.0.0.0:42113-42114->42113-42114/tcp, :::42113-42114->42113-42114/tcp compose_tink-server_1
310662bff702 registry:2.7.1 "/entrypoint.sh /etc…" 37 minutes ago Restarting (1) 48 seconds ago compose_registry_1
5f9dde94d5a3 postgres:14-alpine "docker-entrypoint.s…" 37 minutes ago Up 37 minutes (healthy) 0.0.0.0:5432->5432/tcp, :::5432->5432/tcp compose_db_1
:
Hi everybody.
Any news about my issue?
I'm waiting for your feedback.
Regards
Hey @glycerin-ce,
I've been poking at this a bit and looking through the logs you posted and to me it looks like an issue of docker not properly accessing the internet though the proxy settings, but it looks like you're in the right spot for entering them, so 🤔 hm...
First thing I stumbled on was that Docker Proxy settings can be tricky especially if you require authentication to the proxy to get proper internet access, this blog seems to go into more detail about having user/pass authentication and dealing with special characters in the config files that may help?: https://mikemylonakis.com/unix/docker-proxy
If all that is set, are you able to get docker-compose working otherwise with non-tinker bell projects? For instance, are you able to pull down the latest ubuntu image if you use this hello-world as the docker-compose.yaml?
version: '2'
services:
hello_world:
image: ubuntu
command: [/bin/echo, 'Hello world']That will at least eliminate or highlight the tinker bell specific resources as a problem point
Thanks for your reply @crayzeigh .
I've already set it up for downloading the major part of tinkerbell packages but it seems that something not, maybe requested by the shell script.
I'll try to debug deeply to understand where to solve. :-)
Hi @glycerin-ce. Did you manage to debug any further? Is there anything we can assist with?
Hi @glycerin-ce. Did you manage to debug any further? Is there anything we can assist with?
Hi @chrisdoherty4 .
Thanks for posting this question.
I'm still trying to debug cause I saw that the code is still under development.
Do you are considering to add a branch line about this issue in order to let to deploy a tinkerbell solution behind a proxy?
Best regards.
Gabriele
Hi @chrisdoherty4 dir you read my last answer?
Regards
Gabriele
@glycerin-ce Thanks for the ping, your message got lost in my notifications. We can consider adding an issue to address hosting behind a proxy. I can raise it in next Tinkerbell community meeting.
Happy to hear this news @chrisdoherty4 .
I hope to read more news.
Do you have any idea about a possible timetable for solving this issue?
Thanks too much.
Gabriele
@glycerin-ce I don't have a timeline. The community meets every 2 weeks with the next meetup being next Tuesday, July 5th.
Hi @chrisdoherty4 thanks for your answer.
Please may I ask if you let me know about that point after your meeting of 5th July?
Thanks in advance.
Goof afternoon @chrisdoherty4 any news after your last meeting about the project?
Hi @glycerin-ce.
Do you are considering to add a branch line about this issue in order to let to deploy a tinkerbell solution behind a proxy?
The community concluded the scope of the sandbox is a set of possible ways to deploy Tinkerbell (we're adding some commentary to the README that will clarify this). We don't have strong rules about what can or can't live here, but its typically driven by use-case contributions as opposed to maintainers adding explicit support for something. If you would like to raise a PR, we would welcome additional use-cases or adjustments to the existing code that accommodate your case.
To your original post, I haven't deployed Tinkerbell behind a proxy of any sort. Providing steps to recreate your environment might be useful and perhaps someone will be able to reproduce and provide further guidance.
No action taken.