We can do a cf login in an environment that requires an (HTTP) proxy. But cf ic login fails. Is there something else we have to do? We were able to use cf ic login when switching to another network that doesn't use a proxy but that is no long term solution.
If you have an HTTP proxy server on your network between a host running the cf CLI and your Cloud Foundry API endpoint, you must set HTTP_PROXY with the hostname or IP address of the proxy server.
The HTTP_PROXY environment variable holds the hostname or IP address of your proxy server.
HTTP_Proxy is a standard environment variable. Like any environment variable, the specific steps you use to set it depends on your operating system.
For setting your http proxy, you should follow the instructions described at
http://docs.cloudfoundry.org/devguide/installcf/http-proxy.html
Related
I have a Laravel app which needs to connect to a secure external API with very strict access requirements. There is a handler hosted on AWS which has a bunch of signed certificates etc. The only way to connect to that API is via that specific server due to those requirements.
Now, to test things on my local machine, I do the following:
SSH to the server using the -D flag to set up a SOCKS proxy.
Use this socks to http package to convert the proxy.
Set up Postman's proxy settings to use that http proxy.
That all works fine and I can complete the requests as expected.
However, I'd like to be able to use the proxy in my local Laravel environment too, for which I use Sail.
The problem is that I'm unsure of how to get the container to interact with the proxy. Using the method above in my local machine, I can cURL the required endpoint just fine, but if I try to do it via the container itself, it refuses to connect.
Any help would be appreciated!
I have a problem - the build server is unable to push a docker image. All the layers were pushed, except one which fails with EOF.
I want to understand what HTTP traffic docker push generates.
Here is what I have done:
All the necessary actions to capture HTTPS as explained in https://samcogan.com/capturing-terraform-azure-cli-traffic-with-fiddler/ As a result I can see the Azure CLI traffic.
I set the HTTP_PROXY and HTTPS_PROXY environment variables to http://localhost:8888
But this is not enough for docker push, so the question is - what needs to be done for Fiddler to be able to intercept docker push HTTP traffic?
I understood my problem. docker CLI is a client - I knew that. But I thought that pushing an image is done by that client, not the service.
Well, I was wrong. It is the service all the way. So, HTTP_PROXY and HTTPS_PROXY must be set in the environment of the service. The build server does not have the Docker Desktop where these can be set in the GUI. Instead, it runs the dockerd.exe service. So, I must make sure the service is started from the context having these environment variables.
We are running Terraform v12.20 to provision infrastructure in AWS. We have installed Terraform on an EC2 instance and we need to have our corporate proxy configured in order to communicate with services outside our network. We have sts.amazonaws.com configured in our no_proxy. Terraform is not respecting the proxy configured in the environment variables because of which it's timing out trying to connect to sts.amazonaws.com. Here is the proxy that's configured on the instance.
http_proxy=XXX:YYY
https_proxy=XXX:YYY
HTTPS_PROXY=XXX:YYY
no_proxy=sts.amazonaws.com
NO_PROXY=sts.amazonaws.com
HTTP_PROXY=XXX:YYY
This is the error I'm getting when trying to run terraform init.
error validating provider credentials: error calling sts:GetCallerIdentity: RequestError: send request failed. caused by: Post https://sts.amazonaws.com/: dial tcp 54.239.21.217:443: i/o timeout
Can someone help me configure proxy with terraform?
Thank you.
It looks like it's doing exactly what you told it to. You say your environment requires an HTTP proxy to access the internet but you've put sts.amazonaws.com into no_proxy, which is the environment variable for sites you explicitly do not wish to proxy - hence terraform is not using your proxy to go to sts.amazonaws.com and it is failing. Simply put, remove sts.amazonaws.com from your no_proxy variable.
Hi im using Docker on windows 10 with a proxy.
Docker itself works fine with the proxy IP set correctly in the docker settings.
I can download images through docker.
The problem is that any container I want to run or build also needs these HTTP_PROXY and HHTPS_PROXY variables.
I can do this by adding it to build arguments, run arguments or the docker file.
However none of these solutions are perfect because they add machine specific variable values to either the docker files and/or the docker-compose files.
I have checked the MobyLinuxVM's values for these HTTP_PROXY and HHTPS_PROXY variables by hacking into it with this trick:
How to connect to docker VM (MobyLinux) from windows shell?
Eventhough these variables were displayed correctly any image that I run or dockerfile I build still needs to get these variables.
Is there a way that any container automatically gets these proxy environment variables from the docker deamon who already has them set?
I know Linux has this feature by nature, but it seems to be missing for Windows.
This does not provide a way to set those values or to get them in a container's context, but has stopped me from having to change my proxy settings every time I change IP addresses and keeps me from having to pass them to containers at runtime (builds are still a different story).
This works for me behind an NTLM-authenticating web proxy, even from home on VPN:
1) Get the IP address of the DummyDesperatePoitras virtual switch Docker for Windows creates (starts with 169.254., which is usually a non-routable IP)
2) Install CNTLM (not perfect, as it's not been updated in 5 years) and set it to listen on that "dummy" IP address
3) Use that "dummy" IP address as the proxy in Docker for Windows settings
4) Add your internal corporate DNS server's IP and the domain name to the daemon.json in Docker for Windows settings
Again, this works for running containers - I only have to deal with the proxy server when I run docker build, passing it along in the build-args. I've not found a way around that yet.
Detailed walkthrough: https://mandie.net/2017/12/10/docker-for-windows-behind-a-corporate-web-proxy-tips-and-tricks/
My advice is to use a tool to transparently route all your traffic to the proxy, without having to set any proxy configuration locally.
For windows there is proxifier. It will transparently route all the traffic from your host to the proxy.
I have web service client deployed on Glassfish v3. It needs to access a server that requires proxy access. I have a pac file (proxy auto config) but I don't if/how I can use this to configure my Glassfish instance so the my client can access the service. If it's not doable, is there another way to set up access to a proxied server?
Thanks!
I have not found any info on setting up proxy access with a PAC file, however you could set a hostname and port for a proxy server both for HTTP and HTTPS via JVM settings, see question here.
You could set up a proxy on your localhost, which could handle a PAC file or mask proxy authentication. I use Authoxy for this for my local server on Mac OS X, no doubt there are similar programs for other OSes. Then set up your Glassfish to connect via the proxy on your localhost.
In the end, I did not need to configure Glassfish with the pac file. :)