Bug 1114083
Summary: | [RFE] Capsule should support running behind a proxy | ||
---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Corey Welton <cwelton> |
Component: | Foreman Proxy | Assignee: | Eric Helms <ehelms> |
Status: | CLOSED WONTFIX | QA Contact: | Katello QA List <katello-qa-list> |
Severity: | high | Docs Contact: | David O'Brien <daobrien> |
Priority: | unspecified | ||
Version: | 6.0.3 | CC: | bbuckingham, bkearney, daobrien, jsherril, mmccune, mmurray, xdmoon |
Target Milestone: | Unspecified | Keywords: | FutureFeature, Triaged |
Target Release: | Unused | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-02-16 18:26:47 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Corey Welton
2014-06-27 16:41:49 UTC
WORKAROUND: The user can manually configure the Pulp proxy settings if they have a http proxy between their Capsule and their Satellite. WORKAROUND2 WITH MORE DETAIL: The capsule can be configured to use a specific proxy for all repositories by adding the following settings to the following files: /etc/pulp/server/plugins.conf.d/iso_importer.json /etc/pulp/server/plugins.conf.d/puppet_importer.json /etc/pulp/server/plugins.conf.d/yum_importer.json { "proxy_host" : "<url>", "proxy_port" : <port>, "proxy_username" : "<username>", "proxy_password" : "<password>" } Note: These are a JSON files, so care must be taken when editing these fields. The file must also contain *ALL* the above values even if the proxy does not require a username or password. If it does not require a username or password just use: "proxy_username" : "", "proxy_password" : "" Once these files are created in the above location the user must restart all capsule related services Support for this requires a full feature implementation. If we were to provide proxy options for a Capsule for just the Pulp part, and a user were to lockdown their Capsule's communication to only outbound port 80 they could break other functionality. I have outlined this feature here - http://projects.theforeman.org/projects/katello/wiki/CapsuleCommunication Note: Even with the WORKAROUND in comment #3 if the user's capsule has restricted communications between the Capsule and the Satellite the settings outlined in #3 are not sufficient to have a proxy sit between the Capsule and the Satellite. See comment #5 for more information. My vote is to close this as WONT_FIX IMHO. The whole premise is that the capsule can communicate with the Satellite. We really don't want to go down this road. Does this still require a rel note for 6.1 and if so has it changed at all from what's listed here? thanks We are not planning to fix this. If this is an issue, please feel free to re-open with a specific business justification. |