Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to consume officially supported sysext extensions behind proxy #1520

Open
markafarrell opened this issue Aug 23, 2024 · 2 comments
Open

Unable to consume officially supported sysext extensions behind proxy #1520

markafarrell opened this issue Aug 23, 2024 · 2 comments
Labels
kind/bug Something isn't working

Comments

@markafarrell
Copy link

Description

I am unable to consume officially supported sysext extensions where flatcar is behind a proxy (i.e. does not have direct internet access)

Impact

This means I am unable to consume the official sysext extensions when my flatcar host does not have direct internet access

Environment and steps to reproduce

Using flatcar version 4054.0.0 on openstack

  1. Enable zfs sysext extension by adding it to /etc/flatcar/enabled-sysext.conf using ignition.
  2. Configure global proxy settings as per https://www.flatcar.org/docs/latest/setup/systemd/environment-variables/#system-wide-environment-variables
  3. Create flatcar server
  4. image

Expected behavior

Flatcar is able to download sysext extension image using proxy server

Additional information

I believe the sysext extensions are downloaded by https://github.com/flatcar/bootengine/blob/flatcar-master/dracut/99setup-root/initrd-setup-root-after-ignition#L136
@markafarrell markafarrell added the kind/bug Something isn't working label Aug 23, 2024
@jepio
Copy link
Member

jepio commented Aug 26, 2024

As a workaround, I think initially fetching the sysext through ignition would allow to pass proxy information:

variant: flatcar
version: 1.0.0
storage:
  files:
  - path: /etc/flatcar/sysext/flatcar-zfs-4054.0.0.raw
    contents:
      source: https://alpha.release.flatcar-linux.net/amd64-usr/4054.0.0/flatcar-zfs.raw
    verification:
      hash:  sha512-76bf45a0c76063532b15af5ebc702a147c734e80e7d0392119f20d0a2ac3de4bfa19afb713389dcaa13e6a0ca0a445830ac9ce5fb01f8dde719d00422955e96a
  - path: /etc/flatcar/enabled-sysext.conf
    mode: 0600
    append:
    - inline: zfs

@markafarrell
Copy link
Author

For reference the workaround ended up being:

---
variant: flatcar
version: 1.0.0
ignition:
  proxy:
    http_proxy: http://my-proxy:3128
    https_proxy: http://my-proxy:3128
kernel_arguments:
  should_exist:
  - ip=<my-host-ip>::<my-gateway-ip>:<my-netmask>::eth0:none:<my-dns-server>
storage:
  files:
  - contents:
      inline: |-
        zfs
        python
    mode: 384
    path: "/etc/flatcar/enabled-sysext.conf"
  - contents:
      source: https://alpha.release.flatcar-linux.net/amd64-usr/4054.0.0/flatcar-zfs.raw
      verification:
        hash: sha512-76bf45a0c76063532b15af5ebc702a147c734e80e7d0392119f20d0a2ac3de4bfa19afb713389dcaa13e6a0ca0a445830ac9ce5fb01f8dde719d00422955e96a
    path: "/etc/flatcar/sysext/flatcar-zfs-4054.0.0.raw"
  - contents:
      source: https://alpha.release.flatcar-linux.net/amd64-usr/4054.0.0/flatcar-python.raw
      verification:
        hash: sha512-37fe9b15ebf8d1106b2c384a40abaa621b9f42c82f4cb17ea413f8d96d0764a54eeea5b56840aad65176db392bf750b36740773b433ee8820806dd22bed58ace
    path: "/etc/flatcar/sysext/flatcar-python-4054.0.0.raw"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Something isn't working
Projects
Flatcar tactical, release planning, and roadmap
Status: 📝 Needs Triage
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jepio @markafarrell