Skip to main content

Configuring Proxy​

  • Updated

If a proxy is configured for access to IP addresses outside a customer estate then the appliance must be configured to make use of this proxy.

This configuration must be done in two stages.

Normal Data Flow to SAAS via Proxy

In order to use an appliance via an HTTP proxy, the following configuration should be completed:

  1. Open an SSH connection to your appliance.
  2. Navigate to the communication server folder and edit the http-proxy.conf file
    % sudo vi /opt/docker/http-proxy.conf
  3. Enter/Update the following values in the file:
    • PROXY_ENABLED=true
    • PROXY_HOSTNAME=__PROXY_HOSTNAME__
    • PROXY_PORT=8080
    • PROXY_USERNAME=
    • PROXY_PASSWORD=
  4. Save the file.
  5. If the appliance was registered prior to this configuration change, then the following commands should be run after the config file has been updated and saved.
    % sudo /opt/docker/start-appliance-stack.sh

Appliance Upgrade Operations via Proxy

In order to allow appliance upgrade via an HTTP proxy, the following configuration should be completed:

  1. Open an SSH connection to your appliance.
  2. Execute the following commands to update the docker proxy configuration
    • Provide a simple means to set the values for a HTTP proxy and a HTTPS proxy endpoint. Please note, the value for HTTPS_PROXY should always be set. It should point to the https:// defined endpoint where one is available, otherwise, it should be defaulted to the http:// defined endpoint. Then, provide an appropriate IP address and port for your system configuration. The following example shows a configuration where the HTTPS endpoint is not available so the HTTPS_PROXY value point to the “http://” URL.
      1. % export HTTP_PROXY="http://<ip>:<port>"
      2. % export HTTPS_PROXY="http://<ip>:<port>"
    • If authentication is required for the proxy then this can also be configured by specifying the username and password as part of the URL.
      1. % export HTTP_PROXY="http://<username>:<password>@<ip>:<port>"
      2. % export HTTPS_PROXY="http://<username>:<password>@<ip>:<port>"
    • Execute the following command to create a new configuration file (http-proxy.conf) using the environment variables previously defined.
      1. % sudo tee /etc/systemd/system/docker.service.d/http-proxy.conf > /dev/null <<EOF
      2. [Service]
      3. Environment="HTTP_PROXY=$HTTP_PROXY"
      4. Environment="HTTPS_PROXY=$HTTPS_PROXY"
      5. EOF
    • Restart appliance services to pick up new configuration
      1. % sudo systemctl daemon-reload
      2. % sudo systemctl restart docker.service
    • You can check if the docker environment has picked up the new configuration by executing the following command. If correctly configured, the environment variable will be displayed.
      1. % sudo systemctl show docker --property Environment
      2.  
      3. Environment=HTTP_PROXY=http://10.46.4.5:3128 HTTPS_PROXY=http://10.46.4.5:3128
    • The update process can now be triggered from the CAM UI.
Note: This will change once we start configuring proxy via Appliance or CAM UI.

 

Related articles