# Proxy configuration
OpenShift Container Platform 4.2 introduces support for installing and updating an OpenShift Container Platform cluster through a corporate proxy server on user-provisioned infrastructure (UPI).
This release of the Reference Configuration for Red Hat OpenShift Container Platform (OCP) on HPE SimpliVity supports deploying OCP in environments that require the use of a proxy to access the internet. Configuration variables for the playbooks must be specified, while the Ansible controller itself must also be properly configured.
# Proxy configuration variables
All variables related to proxy configuration are described in the table below.
Variable | File | Description |
---|---|---|
http_proxy | group_vars/all/vars.yml | Hostname or IP address of the HTTP proxy server and the proxy port number separated by a colon. For example: "http://web-proxy.hpecloud.org:8080". Mandatory if proxy support is required. |
https_proxy | group_vars/all/vars.yml | Hostname or IP address of the HTTP proxy server and the proxy port number separated by a colon. Typically, this is identical to the http_proxy value.Mandatory if proxy support is required. |
no_proxy | group_vars/all/vars.yml | A comma-separated list of hostnames, IP addresses, or network ranges that should bypass the proxy server. The list should include: localhost, the configured domain name used to deploy the OCP cluster, the DHCP subnet CIDR, and the vCenter hostname. Mandatory if proxy support is required. |
A sample proxy configuration is provided in the file group_vars/all/vars.yml.sample
:
#
# Proxy Configuration
#
#http_proxy: "http://web-proxy.hpecloud.org:8080"
#https_proxy: "http://web-proxy.hpecloud.org:8080"
#no_proxy: "localhost,.{{ domain_name }},{{ dhcp_subnet }},{{ vcenter_hostname }}"
The sample no_proxy
value uses a number of variables (domain_name
, dhcp_subnet
and vcenter_hostname
)
as well as the name localhost
. After variable substitution, this would evaluate to a string similar to:
no_proxy: "localhost,.hpecloud.org,10.15.163.0/24,vcentergen10.am2.cloudra.local"
# Configuring the Ansible controller
The Ansible controller should be configured to match the proxy requirements for your environment. The only required proxy configuration on the Ansible node is to ensure that the solution playbooks can install any necessary software packages, such as a local HTTP server. This can be done, for example, by adding a proxy entry to the /etc/dnf/dnf.conf
file or by setting system-wide proxy settings in the /etc/environment
file.
The following is an example of how to configure a proxy server in the /etc/dnf/dnf.conf
file:
[main]
gpgcheck=1
installonly_limit=3
clean_requirements_on_remove=True
best=False
skip_if_unavailable=True
proxy=http://web-proxy.hpecloud.org:8080