Red Hat Bugzilla – Bug 1310660
[RFE] The OpenShift provider should use the proxy configured in CloudForms
Last modified: 2017-01-11 14:56:27 EST
Description of problem:
I have connected a Cloudforms to Openshift and I need to use proxy to connect to metrics host.
After setting a proxy on Cloudforms EVM through interface like below
After I restart EVM, metrics collector are still trying connecting without using proxy.
[----] I, [2016-02-22T04:05:25.655501 #22370:cd5988] INFO -- : MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::MetricsCapture#perf_collect_metrics) Collecting metrics for ContainerGroup(99000000000078) [realtime] [2016-02-22 08:50:00 UTC] 
[----] E, [2016-02-22T04:05:25.680922 #22370:cd5988] ERROR -- : MIQ(MiqQueue#deliver) Message id: , Error: [getaddrinfo: Name or service not known]
[----] E, [2016-02-22T04:05:25.681052 #22370:cd5988] ERROR -- : [SocketError]: getaddrinfo: Name or service not known Method:[rescue in deliver]
[----] E, [2016-02-22T04:05:25.681108 #22370:cd5988] ERROR -- : /opt/rh/rh-ruby22/root/usr/share/ruby/net/http.rb:879:in `initialize'
Metrics collector is trying to resolv showing that it is not trying to connect through proxy.
Version-Release number of selected component (if applicable): 18.104.22.168
1 Connect Cloudforms to an Openshift provider behind a proxy
2 Add proxy to the configuration
Check that to connect to metrics Cloudforms use the proxy.
CloudForms metrics collector try to resolv name that can only be resolved by proxy
CloudForms Metrics Collector connection passing through the proxy.
(In reply to kpichard from comment #0)
> Description of problem:
> I have connected a Cloudforms to Openshift and I need to use proxy to
> connect to metrics host.
> After setting a proxy on Cloudforms EVM through interface like below
kpichard is the inventory collection using that proxy?
I'd expect that both inventory and metrics would (or wouldn't) be using the proxy.
I can confirm that both are not currently using the proxy.
In fact provider isn't accessible through the proxy as it's a private name used for the moment.
I don't get why the proxy is not used after setup the configuration to use proxy then reboot evmserver.
Can I do something more to check proxy configuration on cloudforms ?
Greg, remind us, the proxy is used only for AWS at this time?
At the moment it seems that this should be handled as a feature request.
Federico, yeah, we can change it to RFE, that's fine.
To give you more information on this, currently we have setup a work arround by setting the ip address on the hosts file.
But this is a dirty patch avoiding to path throught the proxy and to avoid this issue.
Have you managed to test proxy for openshift ?
Configured the http_proxy in /var/www/miq/vmdb/config/settings.yml on the CFME, then I tried to verify the connection using hostname refering to the openshift master. I made sure to have these config lines to squid.conf
acl SSL_ports port 443
acl Safe_ports port 443 # https
acl SSL_ports port 8443 # https
acl Safe_ports port 8443 # https
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
I have added that hostname to /etc/hosts on the proxy. The verify button in the CFME produced
1477330876.651 31 X.Y.Z.95 TCP_TUNNEL/200 2345 CONNECT ose3-master-ki4mb:443 - HIER_DIRECT/A.B.C.2 -
1477330879.833 12 X.Y.Z.95 TCP_TUNNEL/200 2714 CONNECT ose3-master-ki4mb:8443 - HIER_DIRECT/A.B.C.2 -
In the squid log. Verification succeed.