Colin, Right now the customer would set the http_proxy information in vmdb.tmpl.yml and it is not provider specific. This means that if they add an Amazon provider in the future they would have to use the same http proxy for both Amazon and Azure. thanks
What version of the azure-armrest gem is installed on the appliance?
Colin, Can you also find out if ENV[‘http_proxy’] is currently being used for anything? Looks like we will need that to be set for the Azure StorageAccounts to use the proxy settings.
https://github.com/ManageIQ/manageiq/pull/7142
Created attachment 1134532 [details] passes proxy settings, if any, when connecting to Azure Hi Colin, Attached is a tar file containing a patch. This needs to be opened inside the manageiq directory. It will extract the following file: app/models/manageiq/providers/azure/cloud_manager.rb In addition, the customer must install the latest version of the azure-armrest gem (0.1.3).
New commit detected on ManageIQ/manageiq/master: https://github.com/ManageIQ/manageiq/commit/9391564d2c99b06c651a120963f6e0fa64c1e0e0 commit 9391564d2c99b06c651a120963f6e0fa64c1e0e0 Author: Bronagh Sorota <bsorota> AuthorDate: Mon Mar 7 11:48:55 2016 -0500 Commit: Bronagh Sorota <bsorota> CommitDate: Mon Mar 7 13:53:58 2016 -0500 http_proxy support for authenticating to Azure https://bugzilla.redhat.com/show_bug.cgi?id=1314835 app/models/manageiq/providers/azure/cloud_manager.rb | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-)
Created attachment 1134629 [details] Latest version of azure-armrest gem This gem is the latest version of the azure-armrest gem with a version set to 0.0.8 for compatibility. It can be installed as follows: - gem install -i /opt/rh/cfme-gemset —ignore-dependencies -l azure-armrest-0.0.8.gem - bundle show azure-armrest - restarting the appliance.
this patch contains 2 attachments: 1) attachment 1134629 [details] 2) attachment 1134532 [details] Both are required. Please refer only to the instructions attached to 1134629 for modifying the azure-armrest gem.
Created attachment 1135268 [details] Latest version of azure-armrest gem This adds ssl_version and ssl_verify options, and defaults to TLSv1.
It turns out that the default SSL version for Ruby's core net-http library (and consequently the rest-client gem) is SSLv23. This version was not supported by the client's proxy, as it is old and considered insecure. In order to fix this, we needed to explicitly specify SSL version TLSv1 (or later) for the proxy to work. The client tested the new code and was able to validate the credentials successfully.
I created a Proxy Server using windows and it appeared to work correctly. Moving to verified based on customer feedback and review of code changes.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:0616