Bug 1310660 - [RFE] The OpenShift provider should use the proxy configured in CloudForms
[RFE] The OpenShift provider should use the proxy configured in CloudForms
Status: CLOSED CURRENTRELEASE
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Providers (Show other bugs)
5.5.0
Unspecified Unspecified
high Severity medium
: GA
: 5.7.0
Assigned To: Erez Freiberger
Jaroslav Henner
container:openshift
: FutureFeature, TestOnly, ZStream
Depends On:
Blocks: 1334376 1346991 1356972
  Show dependency treegraph
 
Reported: 2016-02-22 07:44 EST by kpichard
Modified: 2017-01-11 14:56 EST (History)
12 users (show)

See Also:
Fixed In Version: 5.7.0.0
Doc Type: Enhancement
Doc Text:
Cause: Consequence: Fix: Result:
Story Points: ---
Clone Of:
: 1334376 1346991 1356972 (view as bug list)
Environment:
Last Closed: 2017-01-11 14:56:27 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description kpichard 2016-02-22 07:44:09 EST
Description of problem:

I have connected a Cloudforms to Openshift and I need to use proxy to connect to metrics host.
After setting a proxy on Cloudforms EVM through interface like below

http_proxy:
  host: elbProxy-XXXXX.com
  password: 
  port: 8888
  user: 

After I restart EVM, metrics collector are still trying connecting without using proxy. 

[----] I, [2016-02-22T04:05:25.655501 #22370:cd5988]  INFO -- : MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::MetricsCapture#perf_collect_metrics) Collecting metrics for ContainerGroup(99000000000078) [realtime] [2016-02-22 08:50:00 UTC] []
[----] E, [2016-02-22T04:05:25.680922 #22370:cd5988] ERROR -- : MIQ(MiqQueue#deliver) Message id: [99000000458561], Error: [getaddrinfo: Name or service not known]
[----] E, [2016-02-22T04:05:25.681052 #22370:cd5988] ERROR -- : [SocketError]: getaddrinfo: Name or service not known  Method:[rescue in deliver]
[----] E, [2016-02-22T04:05:25.681108 #22370:cd5988] ERROR -- : /opt/rh/rh-ruby22/root/usr/share/ruby/net/http.rb:879:in `initialize'
 
Metrics collector is trying to resolv showing that it is not trying to connect through proxy.


Version-Release number of selected component (if applicable): 5.5.2.4


How reproducible: 

1 Connect Cloudforms to an Openshift provider behind a proxy 
2 Add proxy to the configuration
 
Check that to connect to metrics Cloudforms use the proxy.

Actual results:

CloudForms metrics collector try to resolv name that can only be resolved by proxy


Expected results:

CloudForms Metrics Collector connection passing through the proxy.  

Additional info:
Comment 2 Federico Simoncelli 2016-02-25 11:08:52 EST
(In reply to kpichard from comment #0)
> Description of problem:
> 
> I have connected a Cloudforms to Openshift and I need to use proxy to
> connect to metrics host.
> After setting a proxy on Cloudforms EVM through interface like below

kpichard is the inventory collection using that proxy?

I'd expect that both inventory and metrics would (or wouldn't) be using the proxy.
Comment 3 kpichard 2016-03-08 05:36:02 EST
Hello Federico,

I can confirm that both are not currently using the proxy.

In fact provider isn't accessible through the proxy as it's a private name used for the moment.

I don't get why the proxy is not used after setup the configuration to use proxy then reboot evmserver.

Can I do something more to check proxy configuration on cloudforms ?

Kévin
Comment 4 Federico Simoncelli 2016-03-08 06:59:59 EST
Greg, remind us, the proxy is used only for AWS at this time?

At the moment it seems that this should be handled as a feature request.
Comment 6 Greg Blomquist 2016-03-15 09:54:34 EDT
Federico, yeah, we can change it to RFE, that's fine.
Comment 9 kpichard 2016-03-29 09:30:09 EDT
To give you more information on this, currently we have setup a work arround by setting the ip address on the hosts file.

But this is a dirty patch avoiding to path throught the proxy and to avoid this issue.

Have you managed to test proxy for openshift ?

Kévin
Comment 10 Erez Freiberger 2016-05-05 05:13:18 EDT
https://github.com/ManageIQ/manageiq/pull/8472
Comment 14 Jaroslav Henner 2016-10-24 13:49:07 EDT
cfme-5.7.0.0-1.el7cf.x86_64
Configured the http_proxy in /var/www/miq/vmdb/config/settings.yml on the CFME, then I tried to verify the connection using hostname refering to the openshift master. I made sure to have these config lines to squid.conf

acl SSL_ports port 443
acl Safe_ports port 443         # https
acl SSL_ports port 8443         # https
acl Safe_ports port 8443                # https
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports


I have added that hostname to /etc/hosts on the proxy. The verify button in the CFME produced

1477330876.651     31 X.Y.Z.95 TCP_TUNNEL/200 2345 CONNECT ose3-master-ki4mb:443 - HIER_DIRECT/A.B.C.2 -
1477330879.833     12 X.Y.Z.95 TCP_TUNNEL/200 2714 CONNECT ose3-master-ki4mb:8443 - HIER_DIRECT/A.B.C.2 -

In the squid log. Verification succeed.

Note You need to log in before you can comment on or make changes to this bug.