juju http-proxy and no_proxy settings

I'm setting up an environment with juju and maas. The maas environment has no direct internet connection, a proxy must be used.

I have configured the juju environment's proxy using juju set-env http-proxy=http://my_proxy:8080 and that works, however, when deploying somehting like keystone, there is an installation hook that tries to access localhost, and this request is trying to also go though the proxy.

I have tried juju set-env no-proxy or juju set-env no_proxy, but the debug log just shows there is no config field with either name.

Is there a way to set a no proxy list, and should local addresses bypass the proxy by default?


Solution 1:

Full support for proxies was added with the 1.18.0 release of Juju.

From the release notes:

Support for proxies

Proxies can now be configured for the providers in the environments.yaml file, or added to an existing environment using "juju set-env" The configuration options are:

http-proxy
https-proxy
ftp-proxy
no-proxy

The protocol-specific options accept a URL. The "no-proxy" option accepts a comma-separated list of host names or addresses.

The proxy options are exported in all hook execution contexts, and also available in the shell through "juju ssh" or "juju run".

There are three additional proxy options specific for apt. These are set to be the same as the non-apt proxy values, but can be overridden independently:

apt-http-proxy
apt-https-proxy
apt-ftp-proxy

For example, with a squid-deb-proxy running on a laptop, you can specify the apt-http-proxy to use it for the containers by specifying the host machine’s network-bridge:

apt-http-proxy: http://10.0.3.1:8000

For the 2.0 release of Juju, there is no way to set the environment globally before a model is created, but you can create a config.yaml file, containing the following:

default-series: xenial
no-proxy: localhost
apt-http-proxy: http://<ip address>:<port>
apt-https-proxy: https://<ip address>:<port>
apt-ftp-proxy: ftp://<ip address>:<port>
http-proxy: http://<ip address>:<port>
https-proxy: https://<ip address>:<port>
ftp-proxy: ftp://<ip address>:<port>

You can then use the --config option to tell Juju to use this file (I store mine in ~/.juju/). For example, juju bootstrap localhost lxd-test --config=config.yaml.

Solution 2:

I was facing similar issues on a devstack installation of openstack. It seems like the variable is case sensitive. To solve this I did the following:

Get your ipaddress using the following:

ifconfig

and open your ~/.bashrc file, add this to the end:

no_proxy=localhost,127.0.0.1,<your_ip_address>
NO_PROXY=localhost,127.0.0.1,<your_ip_address>

and then open a new terminal or do source ~/.bashrc.