About | FAQ | Help
Ask Your Question
0

Setting proxy (http_proxy) for puppet run

asked 2018-05-14 04:55:07 -0500

SBodenstedt gravatar image

Hello everyone,

our puppet environment (all ubuntu PCs) is behind a proxy, so it is necessary to go through it for accessing the internet for installing packages, etc. For installing packages over apt-get and pip, I have configured /etc/apt/apt.conf.d/00proxy and /etc/pip.conf respectively, which works for installing packages. While trying to install ppa (using apt::ppa e.g. apt::ppa { 'ppa:jonathonf/ffmpeg-3': ensure => present, } ) and pip package over git (e.g. something like this: package { 'ndsi': ensure => latest, source => 'git+https://github.com/pupil-labs/pyndsi', provider => 'pip3', require => [Package['python3-pip'], ], } ), I have noticed that these run through fine while using puppet agent -t but fail when run through the service (failure to connect). I am assuming this is due to http_proxy being set in my normal bash environment, but not during the puppet run. Is there a way to export the environment variables? So far I have only found instructions that show how this would work for an exec. I have tried setting the proxy in puppet.conf, but this resulted in the clients not being able to download files from the master.

Any help is appreciated!

Thank you,

Sebastian

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2018-05-14 11:41:39 -0500

DarylW gravatar image

I'm not sure about modern puppet, but for puppet3 in puppet.conf there is no 'no_proxy' variable option. We had set the environment variables for the daemon to have http_proxy, https_proxy, and no_proxy properly defined to allow the access we needed. Otherwise we encountered the same problem that you did ( puppet trying to route 'master' traffic through the proxy, which is only externally facing and then fails)

In our case I believe we modified the init script that was running puppet to inject the right variables - for some reason it didn't work when defining them in the /etc/defaults or /etc/sysconfig location. Not sure if anyone else here can chime in.

edit flag offensive delete link more

Comments

Thanks for the great idea! I solved it now by editing /lib/systemd/system/puppet.service. Here I just added a new Environmental file entry for /etc/environment in which I had already defined my proxy. It now works!

SBodenstedt gravatar imageSBodenstedt ( 2018-05-14 12:52:52 -0500 )edit

They really need to either add a proper no_proxy parameter to puppet, or make better note of the http_proxy/https_proxy/no_proxy values in the setup guide

DarylW gravatar imageDarylW ( 2018-05-15 09:57:43 -0500 )edit

Here is a ticket detailing the issue, it looks like they've finally realized that it is an issue worth working on.... https://tickets.puppetlabs.com/browse/PUP-2172

DarylW gravatar imageDarylW ( 2018-05-16 07:42:40 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2018-05-14 04:55:07 -0500

Seen: 21 times

Last updated: May 14