Proxy settings at/prior to cloud-init runtime
Instances launched into our VPC in EC2 require HTTP_PROXY
and partners to be set to access anything located outside the VPC.
Now I've run into a problem (using data pipeline) where I have no control over the user data passed in for cloud-config. Given the proxies are not set, I can see wget hanging (trying to connect) during the cloud-init user scripts.
Having set environment variables in /etc/environment
it seems this is not read at runlevel 3 (this uses a positively ancient Amazon Linux 2013.03
, and ps axf
suggests it's called from runlevel 3, but I have to admit I'm not familiar with the various init daemons and their interaction with cloud-init):
1354 ? S 0:00 \_ /bin/bash /etc/rc3.d/S99cloud-init-user-scripts start
1355 ? S 0:00 \_ /usr/bin/python2.6 /usr/bin/cloud-init-run-module once-per-instance user-scripts execute run-parts /var/lib/cloud/data/scripts
1356 ? S 0:00 \_ /bin/bash /usr/bin/run-parts /var/lib/cloud/data/scripts
1360 ? S 0:00 \_ /bin/bash /var/lib/cloud/data/scripts/part-000
1362 ? S 0:00 \_ wget -O remote-runner-install -N http://datapipeline-ap-southeast-2.s3.amazonaws.com/ap-southeast-2/bootstrap-actions/latest/TaskRu...
\
\ This works in a login shell as I've set
the variables in /etc/environment
Setting these variables here does not seem to work:
- /etc/environment
- /etc/sysconfig/cloudinit
How can I set the proxy used during cloud-init runtime?
At the moment there's no good way to add a proxy to cloud init at run time. There's an open bug about it on launchpad/cloud-init.
There are work arounds mentioned in the comments, but they are all inherently application specific (for example for yum
or apt
), setting the proxy variables in their configs.
user-data example for cloud-init while creating ubuntu instance in openstack:
#cloud-config
write_files:
- path: /etc/apt/apt.conf.d/00-proxy
permissions: 0640
owner: root
content: |
Acquire::http { Proxy "http://example.com:8080"; };
Acquire::https { Proxy "http://example.com:8080"; };
Acquire::http::Pipeline-Depth "23";
Acquire::Languages "none";
package_upgrade: true
packages:
- wget
- sysstat
- screen