Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to Configure devworkspaces proxy setting for https_proxy/http_proxy and no_proxy #22810

Closed
gss2002 opened this issue Feb 8, 2024 · 4 comments
Closed

How to Configure devworkspaces proxy setting for https_proxy/http_proxy and no_proxy #22810

gss2002 opened this issue Feb 8, 2024 · 4 comments
Assignees
@tolusha
Labels
area/che-operator Issues and PRs related to Eclipse Che Kubernetes Operator area/doc Issues related to documentation kind/question Questions that haven't been identified as being feature requests or bugs.

Comments

@gss2002
Copy link

gss2002 commented Feb 8, 2024

Summary

After working through many git issues and che doc I dont seem to see any specific thing that actually pushes the http_proxy/https_proxy/no_proxy down into a workspace environment? Is this is the proper methodology below or are their other settings please advise...

spec:
components:
cheServer:
debug: false
extraProperties:
CHE_OIDC_USERNAME__CLAIM: email
CHE_WORKSPACE_HTTP__PROXY: http://zproxy.example.com:9480
CHE_WORKSPACE_HTTPS__PROXY: http://zproxy.example.com:9480
CHE_WORKSPACE_NO__PROXY: .k8s.dbar.hdp.example.com,.hdp.example.com,.dbar.hdp.example.com,.example.com,172.17.0.0/16,10.70.16.0/20,10.69.16.0/20,192.168.0.0/16,10.96.0.0/12,.default.svc.cluster.local,.svc.cluster.local,.cluster.local,.svc,.metallb-system.svc,127.0.0.1,localhost

Relevant information

~ $ env
NVM_DIR=/home/user/.nvm
SECONDS_OF_DW_RUN_BEFORE_IDLING=-1
WORKSPACE2534AB8A253446CF_SERVICE_SERVICE_PORT_WS_ROUTE=3030
HTTPD_DATA_ORIG_PATH=/var/www
PHP_SYSCONF_PATH=/etc
MODULES_RUN_QUARANTINE=LD_LIBRARY_PATH LD_PRELOAD
WORKSPACE2534AB8A253446CF_SERVICE_PORT_3030_TCP_PROTO=tcp
LANG=C.utf8
NODEJS_HOME_18=/home/tooling/.nvm/versions/node/v18.16.1
DEVWORKSPACE_CREATOR=
HISTCONTROL=ignoredups
HTTPD_DATA_PATH=/var/www
HOSTNAME=workspace2534ab8a253446cf-86b84c678c-6mvpt
OLDPWD=/projects
SDKMAN_CANDIDATES_API=https://api.sdkman.io/2
KUBECONFIG=/home/user/.kube/config
MAVEN_HOME=/home/tooling/.sdkman/candidates/maven/current
RUSTUP_HOME=/home/tooling/.rustup
CHE_PLUGIN_REGISTRY_INTERNAL_URL=http://plugin-registry.eclipse-che.svc:8080/v3
COLORTERM=truecolor
NVM_CD_FLAGS=
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13131_TCP_PORT=13131
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13133_TCP_PORT=13133
TKN_VERSION=1.13.0
JAVA_HOME=/home/tooling/.sdkman/candidates/java/current
KUBEDOCK_VERSION=0.13.0
DEVWORKSPACE_NAME=empty-otq3
VSCODE_GIT_ASKPASS_EXTRA_ARGS=
PHP_HTTPD_CONF_FILE=php.conf
KAMEL_VERSION=1.11.0
HTTPD_VAR_RUN=/var/run/httpd
DOTNET_ROOT=/usr/lib64/dotnet
CHE_PLUGIN_REGISTRY_URL=https://che.k8s.dbar.hdp.example.com/plugin-registry/v3
which_declare=declare -f
KUBERNETES_PORT_443_TCP_PROTO=tcp
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13133_TCP_PROTO=tcp
container=oci
CHE_DASHBOARD_URL=https://che.k8s.dbar.hdp.example.com
MODULES_CMD=/usr/share/Modules/libexec/modulecmd.tcl
DOTNET_BUNDLE_EXTRACT_BASE_DIR=/home/user/.cache/dotnet_bundle_extract
USER=user
MACHINE_EXEC_PORT=3333
JBANG_HOME=/home/tooling/.sdkman/candidates/jbang/current
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13131_TCP=tcp://10.106.130.156:13131
KUBERNETES_PORT=tcp://10.96.0.1:443
GRADLE_HOME=/home/tooling/.sdkman/candidates/gradle/current
WORKSPACE2534AB8A253446CF_SERVICE_PORT=tcp://10.106.130.156:3030
DEVWORKSPACE_METADATA=/devworkspace-metadata
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13132_TCP_PORT=13132
PWD=/home/user
SECONDS_OF_DW_INACTIVITY_BEFORE_IDLING=1800
HOME=/home/user
BROWSER=/checode/checode-linux-libc/bin/helpers/browser.sh
VSCODE_GIT_ASKPASS_NODE=/checode/checode-linux-libc/node
OPENVSX_REGISTRY_URL=https://open-vsx.org
NODEJS_HOME_20=/home/tooling/.nvm/versions/node/v20.7.0
TERM_PROGRAM=vscode
TERM_PROGRAM_VERSION=1.87.0
HTTPD_VAR_PATH=/var
PROFILE_EXT=/etc/profile.d/udi_environment.sh
JAVA_HOME_8=/home/tooling/.sdkman/candidates/java/8.0.332-tem
WORKSPACE2534AB8A253446CF_SERVICE_SERVICE_HOST=10.106.130.156
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13133_TCP_ADDR=10.106.130.156
KUBERNETES_SERVICE_PORT_HTTPS=443
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13133_TCP=tcp://10.106.130.156:13133
DEVWORKSPACE_NAMESPACE=gs-user-example-com-che-u6xtos
LOMBOK_VERSION=1.18.18
OC_VERSION=4.6
DEVWORKSPACE_POD_NAME=workspace2534ab8a253446cf-86b84c678c-6mvpt
KUBERNETES_PORT_443_TCP_PORT=443
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13132_TCP_PROTO=tcp
PROJECT_SOURCE=/projects
BUILDAH_ISOLATION=chroot
VSCODE_IPC_HOOK_CLI=/tmp/vscode-ipc-cb6b6737-0ec8-4473-bf47-bed839fef186.sock
NODEJS_18_VERSION=18.16.1
CARGO_HOME=/home/tooling/.cargo
LOADEDMODULES=
SDKMAN_DIR=/home/tooling/.sdkman
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
HTTPD_MODULES_CONF_D_PATH=/etc/httpd/conf.modules.d
MAIL=/var/spool/mail/user
SDKMAN_OLD_PWD=/home/user
NODEJS_20_VERSION=20.7.0
VSCODE_GIT_ASKPASS_MAIN=/checode/checode-linux-libc/extensions/git/dist/askpass-main.js
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13132_TCP_ADDR=10.106.130.156
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13131_TCP_ADDR=10.106.130.156
TERM=xterm-256color
GRAALVM_HOME=/home/tooling/.sdkman/candidates/java/22.1.0.0.r17-mandrel
NVM_BIN=/home/user/.nvm/versions/node/v18.16.1/bin
SDKMAN_CANDIDATES_DIR=/home/tooling/.sdkman/candidates
_BUILDAH_STARTED_IN_USERNS=
PHP_VERSION=7.4
WORKSPACE_NAME=empty-otq3
WORKSPACE2534AB8A253446CF_SERVICE_PORT_3030_TCP=tcp://10.106.130.156:3030
SHLVL=4
VSCODE_GIT_IPC_HANDLE=/tmp/vscode-git-c81a279304.sock
DASHBOARD_URL=https://che.k8s.dbar.hdp.example.com
MANPATH=/home/user/.nvm/versions/node/v18.16.1/share/man::
KUBERNETES_SERVICE_PORT=443
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13132_TCP=tcp://10.106.130.156:13132
MODULEPATH=/etc/scl/modulefiles:/etc/scl/modulefiles:/usr/share/Modules/modulefiles:/etc/modulefiles:/usr/share/modulefiles
WORKSPACE_NAMESPACE=gs-exampleuser-example-com-che-u6xtos
WORKSPACE2534AB8A253446CF_SERVICE_SERVICE_PORT_CODE_REDIRECT_2=13132
WORKSPACE2534AB8A253446CF_SERVICE_SERVICE_PORT_CODE_REDIRECT_3=13133
JAVA_HOME_17=/home/tooling/.sdkman/candidates/java/17.0.3-tem
WORKSPACE2534AB8A253446CF_SERVICE_SERVICE_PORT_CODE_REDIRECT_1=13131
JAVA_HOME_11=/home/tooling/.sdkman/candidates/java/11.0.15-tem
DEVWORKSPACE_FLATTENED_DEVFILE=/devworkspace-metadata/flattened.devworkspace.yaml
LOGNAME=user
DEVWORKSPACE_ORIGINAL_DEVFILE=/devworkspace-metadata/original.devworkspace.yaml
GIT_ASKPASS=/checode/checode-linux-libc/extensions/git/dist/askpass.sh
DOTNET_RPM_VERSION=6.0
WORKSPACE2534AB8A253446CF_SERVICE_PORT_3030_TCP_ADDR=10.106.130.156
MODULEPATH_modshare=/usr/share/Modules/modulefiles:2:/etc/modulefiles:2:/usr/share/modulefiles:2
PROJECTS_ROOT=/projects
GOBIN=/home/tooling/go/bin/
NODEJS_DEFAULT_VERSION=18.16.1
WORKSPACE2534AB8A253446CF_SERVICE_SERVICE_PORT=3030
WORKSPACE2534AB8A253446CF_SERVICE_PORT_13131_TCP_PROTO=tcp
DEVWORKSPACE_ID=workspace2534ab8a253446cf
PATH=/home/user/.krew/bin:/checode/checode-linux-libc/bin/remote-cli:/home/user/.local/bin:/home/user/bin:/home/tooling/.sdkman/candidates/jbang/current/bin:/home/user/.krew/bin:/home/user/.nvm/versions/node/v18.16.1/bin:/usr/share/Modules/bin:/home/tooling/.cargo/bin:/home/tooling/go/bin/:/home/tooling/.local/bin:/home/user/.local/bin:/home/tooling/.nvm/versions/node/v18.16.1/bin:/home/tooling/.local/share/coursier/bin:/home/tooling/.sdkman/candidates/gradle/current/bin:/home/tooling/.sdkman/candidates/java/current/bin:/home/tooling/.sdkman/candidates/maven/current/bin:/home/tooling/.krew/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/user/.dotnet/tools
HTTPD_MAIN_CONF_PATH=/etc/httpd/conf
SDKMAN_VERSION=5.13.0
PS1=[]\W git branch --show-current 2>/dev/null | sed -r -e "s@^(.+)@\(\1\) @"$ []
DEVWORKSPACE_IDLE_TIMEOUT=15m
MODULESHOME=/usr/share/Modules
NODE_EXTRA_CA_CERTS=/tmp/node-extra-certificates/ca.crt
NVM_INC=/home/user/.nvm/versions/node/v18.16.1/include/node
PHP_DEFAULT_INCLUDE_PATH=/usr/share/pear
HISTSIZE=1000
KUBERNETES_SERVICE_HOST=10.96.0.1
SDKMAN_PLATFORM=linuxx64
WORKSPACE2534AB8A253446CF_SERVICE_PORT_3030_TCP_PORT=3030
DEVWORKSPACE_COMPONENT_NAME=universal-developer-image
LESSOPEN=||/usr/bin/lesspipe.sh %s
HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d
BASH_FUNC_which%%=() { ( alias;
eval ${which_declare} ) | /usr/bin/which --tty-only --read-alias --read-functions --show-tilde --show-dot $@
}
BASH_FUNC_module%%=() { _module_raw "$@" 2>&1
}
BASH_FUNC__module_raw%%=() { unset _mlshdbg;
if [ "${MODULES_SILENT_SHELL_DEBUG:-0}" = '1' ]; then
case "$-" in
vx*)
set +vx;
_mlshdbg='vx'
;;
v)
set +v;
_mlshdbg='v'
;;
x)
set +x;
mlshdbg='x'
;;
)
_mlshdbg=''
;;
esac;
fi;
unset _mlre _mlIFS;
if [ -n "${IFS+x}" ]; then
_mlIFS=$IFS;
fi;
IFS=' ';
for _mlv in ${MODULES_RUN_QUARANTINE:-};
do
if [ "${_mlv}" = "${_mlv##[!A-Za-z0-9]}" -a "${_mlv}" = "${_mlv#[0-9]}" ]; then
if [ -n "eval 'echo ${'$_mlv'+x}'" ]; then
_mlre="${_mlre:-}${_mlv}_modquar='eval 'echo ${'$_mlv'}'' ";
fi;
mlrv="MODULES_RUNENV${_mlv}";
_mlre="${_mlre:-}${_mlv}='eval 'echo ${'$_mlrv':-}'' ";
fi;
done;
if [ -n "${_mlre:-}" ]; then
eval eval ${_mlre} /usr/bin/tclsh /usr/share/Modules/libexec/modulecmd.tcl bash '"$@"';
else
eval /usr/bin/tclsh /usr/share/Modules/libexec/modulecmd.tcl bash "$@";
fi;
_mlstatus=$?;
if [ -n "${_mlIFS+x}" ]; then
IFS=$_mlIFS;
else
unset IFS;
fi;
unset _mlre _mlv _mlrv _mlIFS;
if [ -n "${_mlshdbg:-}" ]; then
set -$_mlshdbg;
fi;
unset _mlshdbg;
return $_mlstatus
}
BASH_FUNC_switchml%%=() { typeset swfound=1;
if [ "${MODULES_USE_COMPAT_VERSION:-0}" = '1' ]; then
typeset swname='main';
if [ -e /usr/share/Modules/libexec/modulecmd.tcl ]; then
typeset swfound=0;
unset MODULES_USE_COMPAT_VERSION;
fi;
else
typeset swname='compatibility';
if [ -e /usr/share/Modules/libexec/modulecmd-compat ]; then
typeset swfound=0;
MODULES_USE_COMPAT_VERSION=1;
export MODULES_USE_COMPAT_VERSION;
fi;
fi;
if [ $swfound -eq 0 ]; then
echo "Switching to Modules $swname version";
source /usr/share/Modules/init/bash;
else
echo "Cannot switch to Modules $swname version, command not found";
return 1;
fi
}
BASH_FUNC_scl%%=() { if [ "$1" = "load" -o "$1" = "unload" ]; then
eval "module $@";
else
/usr/bin/scl "$@";
fi
}
BASH_FUNC_ml%%=() { module ml "$@"
}
_=/usr/bin/env
@gss2002 gss2002 added the kind/question Questions that haven't been identified as being feature requests or bugs. label Feb 8, 2024
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Feb 8, 2024
@svor svor added area/che-operator Issues and PRs related to Eclipse Che Kubernetes Operator area/che-server and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Feb 8, 2024
@svor
Copy link
Contributor

svor commented Feb 8, 2024
edited
Loading

Properties added for cheServer in Custom Resources like

spec:
  components:
    cheServer:
      debug: false
      extraProperties:
        MY_ENV: my_value

are injected into che pod:
screenshot-console-openshift-console apps rosa ei4kb-g7bfv-c77 eps1 p3 openshiftapps com-2024 02 08-21_12_49
but not into the workspace pod

maybe @tolusha @ibuziuk can provide an information how to configure proxy settings

@gss2002
Copy link
Author

gss2002 commented Feb 8, 2024

This is what made it work on k8s... shrug

vi che-cluster-config.patch
kind: CheCluster
apiVersion: org.eclipse.che/v2
spec:
components:
cheServer:
extraProperties:
CHE_OIDC_USERNAME__CLAIM: email
proxy:
nonProxyHosts:
- .example.com
- localhost
- .k8s.dbar.hdp.example.com
- .hdp.example.com
- .dbar.hdp.example.com
- 172.17.0.0/16
- 10.70.16.0/20
- 10.69.16.0/20
- 192.168.0.0/16
- 10.96.0.0/12
- .default.svc.cluster.local
- .svc.cluster.local
- .cluster.local
- .svc
- .metallb-system.svc
- 127.0.0.1
url: http://zproxy.example.com:9480
dashboard:

devEnvironments:
storage:
perUserStrategyPvcConfig:
storageClass: nfs-client-retain
pvcStrategy: per-user
networking:
auth:
oAuthClientName: "k8s-che"
oAuthSecret: "80dbdedaef1a3f934d4b8a6dae9c86a1bb8e"
identityProviderURL: "https://dex.k8s.dbar.hdp.example.com"

@tolusha tolusha added the area/doc Issues related to documentation label Feb 9, 2024
@tolusha
Copy link
Contributor

tolusha commented Feb 9, 2024

Let's keep this issue open until we add a section to the Eclipse Che documentation about proxy configuration.
Currently we mention proxy only here [1]

[1] https://eclipse.dev/che/docs/stable/administration-guide/checluster-custom-resource-fields-reference/#checluster-custom-resource-components-cheServer-proxy-settings

@tolusha tolusha moved this to 📅 Planned in Eclipse Che Team A Backlog Nov 20, 2024
@tolusha tolusha self-assigned this Nov 20, 2024
@tolusha tolusha mentioned this issue Nov 22, 2024
Merged
5 tasks
@tolusha tolusha moved this from 📅 Planned to Ready for Review in Eclipse Che Team A Backlog Nov 25, 2024
@tolusha
Copy link
Contributor

tolusha commented Nov 25, 2024

Fixed by eclipse-che/che-docs#2827

@tolusha tolusha closed this as completed Nov 25, 2024
@tolusha tolusha moved this from Ready for Review to ✅ Done in Eclipse Che Team A Backlog Nov 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tolusha tolusha

Labels
area/che-operator Issues and PRs related to Eclipse Che Kubernetes Operator area/doc Issues related to documentation kind/question Questions that haven't been identified as being feature requests or bugs.
Projects
Eclipse Che Team A Backlog
Status: ✅ Done
Milestone
No milestone
Development

No branches or pull requests
4 participants
@svor @tolusha @gss2002 @che-bot