From 5d3e0eacdaf08243b9068135c3bc86a380f5c0e4 Mon Sep 17 00:00:00 2001 From: Jonathan Rosser Date: Sat, 16 Feb 2019 18:50:13 +0000 Subject: [PATCH] Ensure http proxy environment is available during 'atomic install' for k8s The scripts run by cloud-init for the master and minion nodes currently write proxy environment variables into /bin/bashrc when they are defined. These variables will only be introduced into the running environment when a new bash shell is started. The /bin/sh used by the fragment scripts will ignore /etc/bashrc, so the new shells invoked per fragment will not have the http proxy variables present. This means that the master/minion node deployment fails when behind an http proxy. This patch adds explicit exports for HTTP_PROXY and HTTPS_PROXY when those variables are bith defined, and not empty. Change-Id: Id05c90d5bf99d720ae6002b38d3291e364e1e0c4 (cherry picked from commit d6706c0c005eed857e8f97ed4716c0e103c08eb7) --- .../kubernetes/fragments/configure-etcd.sh | 12 ++++++++++++ .../fragments/configure-kubernetes-master.sh | 12 ++++++++++++ .../fragments/configure-kubernetes-minion.sh | 17 +++++++++++++++++ .../fragments/start-container-agent.sh | 12 ++++++++++++ 4 files changed, 53 insertions(+) diff --git a/magnum/drivers/common/templates/kubernetes/fragments/configure-etcd.sh b/magnum/drivers/common/templates/kubernetes/fragments/configure-etcd.sh index 00a81403aa..ca485cab48 100644 --- a/magnum/drivers/common/templates/kubernetes/fragments/configure-etcd.sh +++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-etcd.sh @@ -4,6 +4,18 @@ set -x +if [ ! -z "$HTTP_PROXY" ]; then + export HTTP_PROXY +fi + +if [ ! -z "$HTTPS_PROXY" ]; then + export HTTPS_PROXY +fi + +if [ ! -z "$NO_PROXY" ]; then + export NO_PROXY +fi + if [ -n "$ETCD_VOLUME_SIZE" ] && [ "$ETCD_VOLUME_SIZE" -gt 0 ]; then attempts=60 diff --git a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh index ac7ffeab39..48017e5206 100644 --- a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh +++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh @@ -4,6 +4,18 @@ echo "configuring kubernetes (master)" +if [ ! -z "$HTTP_PROXY" ]; then + export HTTP_PROXY +fi + +if [ ! -z "$HTTPS_PROXY" ]; then + export HTTPS_PROXY +fi + +if [ ! -z "$NO_PROXY" ]; then + export NO_PROXY +fi + _prefix=${CONTAINER_INFRA_PREFIX:-docker.io/openstackmagnum/} mkdir -p /opt/cni diff --git a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh index 2e961cd57c..3754a79f94 100644 --- a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh +++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh @@ -4,6 +4,18 @@ echo "configuring kubernetes (minion)" +if [ ! -z "$HTTP_PROXY" ]; then + export HTTP_PROXY +fi + +if [ ! -z "$HTTPS_PROXY" ]; then + export HTTPS_PROXY +fi + +if [ ! -z "$NO_PROXY" ]; then + export NO_PROXY +fi + _prefix=${CONTAINER_INFRA_PREFIX:-docker.io/openstackmagnum/} _addtl_mounts='' @@ -204,6 +216,11 @@ if [ "$NETWORK_DRIVER" = "flannel" ]; then FLANNEL_OPTIONS="$FLANNEL_OPTIONS" EOF + # Ensure external proxy is not used for the following curl + unset HTTP_PROXY + unset HTTPS_PROXY + unset NO_PROXY + # Make sure etcd has a flannel configuration . $FLANNELD_CONFIG until curl -sf $ETCD_CURL_OPTIONS \ diff --git a/magnum/drivers/common/templates/kubernetes/fragments/start-container-agent.sh b/magnum/drivers/common/templates/kubernetes/fragments/start-container-agent.sh index 2c632fef79..416271e683 100644 --- a/magnum/drivers/common/templates/kubernetes/fragments/start-container-agent.sh +++ b/magnum/drivers/common/templates/kubernetes/fragments/start-container-agent.sh @@ -4,6 +4,18 @@ set -ux +if [ ! -z "$HTTP_PROXY" ]; then + export HTTP_PROXY +fi + +if [ ! -z "$HTTPS_PROXY" ]; then + export HTTPS_PROXY +fi + +if [ ! -z "$NO_PROXY" ]; then + export NO_PROXY +fi + _prefix=${CONTAINER_INFRA_PREFIX:-docker.io/openstackmagnum/} atomic install \ --storage ostree \