From 1469d0ab44aec370b48013f4eac93d9db78ad0da Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 1 Feb 2022 22:53:32 +0000 Subject: [PATCH 1/8] Added new section for air-gapped local cluster proxy configuration --- .../behind-proxy/launch-kubernetes/_index.md | 23 ++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md b/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md index b47128310e9..428bf5bd7f1 100644 --- a/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md +++ b/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md @@ -7,9 +7,11 @@ Once the infrastructure is ready, you can continue with setting up an RKE cluste ### Installing Docker +#### HTTP proxy + First, you have to install Docker and setup the HTTP proxy on all three Linux nodes. For this perform the following steps on all three nodes. -For convenience export the IP address and port of your proxy into an environment variable and set up the HTTP_PROXY variables for your current shell: +For convenience, export the IP address and port of your proxy into an environment variable and set up the HTTP_PROXY variables for your current shell: ``` export proxy_host="10.0.0.5:8888" @@ -58,6 +60,25 @@ sudo systemctl daemon-reload sudo systemctl restart docker ``` +#### Air-gapped proxy + +_New in v2.6.4_ + +You can now provision node driver clusters from a proxied Rancher environment. Configure apt to use this proxy when installing packages, including the additional rules shown. If you are not using Ubuntu, you have to adapt this step accordingly: + +``` +cat <<'EOF' | sudo tee /etc/apt/apt.conf.d/proxy.conf > /dev/null +Acquire::http::Proxy "http://${proxy_host}/"; +Acquire::https::Proxy "http://${proxy_host}/"; + +acl SSL_ports port 22 +acl SSL_ports port 2376 + +acl Safe_ports port 22 # ssh +acl Safe_ports port 2376 # docker port +EOF +``` + ### Creating the RKE Cluster You need several command line tools on the host where you have SSH access to the Linux nodes to create and interact with the cluster: From 07acc987eeafcd045f4258816ca6446ff4cea2e1 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Tue, 1 Feb 2022 22:53:53 +0000 Subject: [PATCH 2/8] Added new section for air-gapped local cluster proxy configuration --- .../single-node-docker/proxy/_index.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md b/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md index 1ac4a66c017..bb17439c85b 100644 --- a/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md +++ b/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md @@ -40,3 +40,19 @@ docker run -d --restart=unless-stopped \ ``` Privileged access is [required.]({{}}/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/#privileged-access-for-rancher) + +### Air-gapped local cluster proxy configuration + +_New in v2.6.4_ + +You can now provision node driver clusters from an air-gapped cluster configured to use a proxy for outbound connections. + +In addition to setting the default rules for a proxy server as shown above, you will need to add additional rules, shown below, to provision node driver clusters from a proxied Rancher environment. Note that you will configure `/etc/apt/apt.conf.d/proxy.conf` directly: + +``` +acl SSL_ports port 22 +acl SSL_ports port 2376 + +acl Safe_ports port 22 # ssh +acl Safe_ports port 2376 # docker port +``` From 8b8a6114f40333f28151fa3aae54afef2e506560 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 2 Feb 2022 15:52:00 +0000 Subject: [PATCH 3/8] Removed header --- .../behind-proxy/launch-kubernetes/_index.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md b/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md index 428bf5bd7f1..d52fb6b8873 100644 --- a/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md +++ b/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md @@ -7,8 +7,6 @@ Once the infrastructure is ready, you can continue with setting up an RKE cluste ### Installing Docker -#### HTTP proxy - First, you have to install Docker and setup the HTTP proxy on all three Linux nodes. For this perform the following steps on all three nodes. For convenience, export the IP address and port of your proxy into an environment variable and set up the HTTP_PROXY variables for your current shell: From 10c74f194f6c9d52e13beb8ebd3900a7c8d35a1c Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Wed, 2 Feb 2022 15:52:25 +0000 Subject: [PATCH 4/8] Updated new section header and content per feedback --- .../single-node-docker/proxy/_index.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md b/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md index bb17439c85b..22b8d494aa5 100644 --- a/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md +++ b/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md @@ -41,13 +41,15 @@ docker run -d --restart=unless-stopped \ Privileged access is [required.]({{}}/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/#privileged-access-for-rancher) -### Air-gapped local cluster proxy configuration +### Air-gapped proxy configuration _New in v2.6.4_ You can now provision node driver clusters from an air-gapped cluster configured to use a proxy for outbound connections. -In addition to setting the default rules for a proxy server as shown above, you will need to add additional rules, shown below, to provision node driver clusters from a proxied Rancher environment. Note that you will configure `/etc/apt/apt.conf.d/proxy.conf` directly: +In addition to setting the default rules for a proxy server as shown above, you will need to add additional rules, shown below, to provision node driver clusters from a proxied Rancher environment. Configure apt to use this proxy when installing packages; if you are not using Ubuntu, you have to adapt your configuration accordingly. + +You will configure `/etc/apt/apt.conf.d/proxy.conf` with the following: ``` acl SSL_ports port 22 From dcaf09244c6a40ded5231bf434b1a898146957b8 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 4 Feb 2022 14:56:53 +0000 Subject: [PATCH 5/8] Removed APT language per feedback --- .../behind-proxy/launch-kubernetes/_index.md | 11 +++++------ .../single-node-docker/proxy/_index.md | 6 +++--- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md b/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md index d52fb6b8873..386a9d1565b 100644 --- a/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md +++ b/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md @@ -62,19 +62,18 @@ sudo systemctl restart docker _New in v2.6.4_ -You can now provision node driver clusters from a proxied Rancher environment. Configure apt to use this proxy when installing packages, including the additional rules shown. If you are not using Ubuntu, you have to adapt this step accordingly: +You can now provision node driver clusters from an air-gapped cluster configured to use a proxy for outbound connections. + +In addition to setting the default rules for a proxy serverx, you will need to add additional rules, shown below, to provision node driver clusters from a proxied Rancher environment. + +Note that you will configure `/etc/apt/apt.conf.d/proxy.conf` directly: ``` -cat <<'EOF' | sudo tee /etc/apt/apt.conf.d/proxy.conf > /dev/null -Acquire::http::Proxy "http://${proxy_host}/"; -Acquire::https::Proxy "http://${proxy_host}/"; - acl SSL_ports port 22 acl SSL_ports port 2376 acl Safe_ports port 22 # ssh acl Safe_ports port 2376 # docker port -EOF ``` ### Creating the RKE Cluster diff --git a/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md b/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md index 22b8d494aa5..a8c4784f6fa 100644 --- a/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md +++ b/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md @@ -45,9 +45,9 @@ Privileged access is [required.]({{}}/rancher/v2.6/en/installation/othe _New in v2.6.4_ -You can now provision node driver clusters from an air-gapped cluster configured to use a proxy for outbound connections. +You can now provision node driver clusters from an air-gapped cluster configured to use a proxy for outbound connections. -In addition to setting the default rules for a proxy server as shown above, you will need to add additional rules, shown below, to provision node driver clusters from a proxied Rancher environment. Configure apt to use this proxy when installing packages; if you are not using Ubuntu, you have to adapt your configuration accordingly. +In addition to setting the default rules for a proxy server as shown above, you will need to add additional rules, shown below, to provision node driver clusters from a proxied Rancher environment. You will configure `/etc/apt/apt.conf.d/proxy.conf` with the following: @@ -57,4 +57,4 @@ acl SSL_ports port 2376 acl Safe_ports port 22 # ssh acl Safe_ports port 2376 # docker port -``` +``` \ No newline at end of file From 0287690a4dcbc964f158fc1ffd3388471c16605d Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 4 Feb 2022 14:58:49 +0000 Subject: [PATCH 6/8] Fixed typo --- .../behind-proxy/launch-kubernetes/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md b/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md index 386a9d1565b..9af74298d6b 100644 --- a/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md +++ b/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md @@ -64,7 +64,7 @@ _New in v2.6.4_ You can now provision node driver clusters from an air-gapped cluster configured to use a proxy for outbound connections. -In addition to setting the default rules for a proxy serverx, you will need to add additional rules, shown below, to provision node driver clusters from a proxied Rancher environment. +In addition to setting the default rules for a proxy server, you will need to add additional rules, shown below, to provision node driver clusters from a proxied Rancher environment. Note that you will configure `/etc/apt/apt.conf.d/proxy.conf` directly: From 6f176629ff06356f1cb39887466a6f749fcb0262 Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 4 Feb 2022 22:20:29 +0000 Subject: [PATCH 7/8] Added note on filepath name per feedback --- .../behind-proxy/launch-kubernetes/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md b/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md index 9af74298d6b..41428448b27 100644 --- a/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md +++ b/content/rancher/v2.6/en/installation/other-installation-methods/behind-proxy/launch-kubernetes/_index.md @@ -66,7 +66,7 @@ You can now provision node driver clusters from an air-gapped cluster configured In addition to setting the default rules for a proxy server, you will need to add additional rules, shown below, to provision node driver clusters from a proxied Rancher environment. -Note that you will configure `/etc/apt/apt.conf.d/proxy.conf` directly: +You will configure your filepath according to your setup, e.g., `/etc/apt/apt.conf.d/proxy.conf`: ``` acl SSL_ports port 22 From 3e3a4219b6b0484d70060d0362894fce5a84befe Mon Sep 17 00:00:00 2001 From: Jennifer Travinski Date: Fri, 4 Feb 2022 22:20:50 +0000 Subject: [PATCH 8/8] Added note on filepath name per feedback --- .../single-node-docker/proxy/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md b/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md index a8c4784f6fa..37d3d2cfc00 100644 --- a/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md +++ b/content/rancher/v2.6/en/installation/other-installation-methods/single-node-docker/proxy/_index.md @@ -49,7 +49,7 @@ You can now provision node driver clusters from an air-gapped cluster configured In addition to setting the default rules for a proxy server as shown above, you will need to add additional rules, shown below, to provision node driver clusters from a proxied Rancher environment. -You will configure `/etc/apt/apt.conf.d/proxy.conf` with the following: +You will configure your filepath according to your setup, e.g., `/etc/apt/apt.conf.d/proxy.conf`: ``` acl SSL_ports port 22