[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: No external access inside container





Thanks Ben.

I must have been doing something silly because I recreated the cluster, configured the proxy directly in the Jenkins ui and everything worked as expected.

However I had issues with creating other apps via new-app (using the Jenkins template did work). new-app couldn't connect to the public registry. To get around this I set the proxy environment variables as arguments to the oc cluster up command.

oc cluster up -e http_proxy=http://<proxy ip>:<port> -e https_proxy=http://<proxy ip>:<port>

Then I could create apps with new-app but the openshift registry was not happy. It started, but the health checks failed and it got killed.

"Readiness probe failed: Get http://172.17.0.4:5000/healthz: read tcp <host ip>:46708-><proxy ip>:<proxy port>: read: connection reset by peer"

So it was trying to use the proxy to hit the registry.

To fix that I passed no_proxy=172.17.0.4:5000 to cluster up.

If the registry gets a different internal ip address this will break of course. I suspect I will have other issues if internal traffic is being pushed out to the proxy but we'll cross that bridge when we get to it. Unless someone can save me the headaches.

Thanks again.

Lionel.



On Wed, 3 Aug 2016 at 12:16 PM, Ben Parees <bparees redhat com> wrote:
On Mon, Aug 1, 2016 at 11:07 PM, Lionel Orellana <lionelve gmail com> wrote:
Hello

I ran a cluster with oc cluster up and deployed Jenkins from the provided template. I can acces Jenkins and login. But I need to setup our company proxy so Jenkins can access external sites (eg. Github.com).

From within the container (oc rsh jenkins-5-xg14g) curl fails to connect to github.com. From the host it connects fine. I ran these commands to try add the proxy settings to the container:

oc env dc/jenkins HTTPS_PROXY=server:port
oc env dc/jenkins HTTP_PROXY=server:port

The container was redeployed and I can see the new env vars in the console. But still can't access the internet.

​if you oc rsh into the container and poke around, can you get external access?  (after setting proxy env variables within your rsh session to ensure they are available)

note that there are a couple ways to configure a proxy for curl:

also there's some lack of consistency on what is supported in terms of HTTP_PROXY because http_proxy is the standard so you might try setting your env variables with lower case.

 

oc get hostsubnet returns nothing.

Versions:
oc v1.3.0-alpha.2
Docker 1.10.3
Rhel 7.2

Thanks for any help.

Lionel.

_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users




--
Ben Parees | OpenShift


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]