Proxy settings at/prior to cloud-init runtime

Instances launched into our VPC in EC2 require HTTP_PROXY and partners to be set to access anything located outside the VPC.

Now I've run into a problem (using data pipeline) where I have no control over the user data passed in for cloud-config. Given the proxies are not set, I can see wget hanging (trying to connect) during the cloud-init user scripts.

Having set environment variables in /etc/environment it seems this is not read at runlevel 3 (this uses a positively ancient Amazon Linux 2013.03, and ps axf suggests it's called from runlevel 3, but I have to admit I'm not familiar with the various init daemons and their interaction with cloud-init):

 1354 ?        S      0:00  \_ /bin/bash /etc/rc3.d/S99cloud-init-user-scripts start
 1355 ?        S      0:00      \_ /usr/bin/python2.6 /usr/bin/cloud-init-run-module once-per-instance user-scripts execute run-parts /var/lib/cloud/data/scripts
 1356 ?        S      0:00          \_ /bin/bash /usr/bin/run-parts /var/lib/cloud/data/scripts
 1360 ?        S      0:00              \_ /bin/bash /var/lib/cloud/data/scripts/part-000
 1362 ?        S      0:00                  \_ wget -O remote-runner-install -N http://datapipeline-ap-southeast-2.s3.amazonaws.com/ap-southeast-2/bootstrap-actions/latest/TaskRu...
                                                \
                                                 \ This works in a login shell as I've set 
                                                   the variables in /etc/environment

Setting these variables here does not seem to work:

  • /etc/environment
  • /etc/sysconfig/cloudinit

How can I set the proxy used during cloud-init runtime?


At the moment there's no good way to add a proxy to cloud init at run time. There's an open bug about it on launchpad/cloud-init.

There are work arounds mentioned in the comments, but they are all inherently application specific (for example for yum or apt), setting the proxy variables in their configs.


user-data example for cloud-init while creating ubuntu instance in openstack:

#cloud-config
write_files:
  - path: /etc/apt/apt.conf.d/00-proxy
    permissions: 0640
    owner: root
    content: |
      Acquire::http { Proxy "http://example.com:8080"; };
      Acquire::https { Proxy "http://example.com:8080"; };
      Acquire::http::Pipeline-Depth "23";
      Acquire::Languages "none";
   
package_upgrade: true

packages:
  - wget
  - sysstat
  - screen