Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BZ1866692: Removed broken MITM transparent proxy information #38550

Merged
merged 1 commit into from Dec 9, 2021
Merged

BZ1866692: Removed broken MITM transparent proxy information #38550

merged 1 commit into from Dec 9, 2021

Conversation

ctauchen
Copy link
Contributor

@ctauchen ctauchen commented Nov 10, 2021
edited

This PR removes information about configuring MITM transparent proxies during installation, which isn't currently possible.

See https://bugzilla.redhat.com/show_bug.cgi?id=1866692

Applies to 4.6+

Representative preview: https://deploy-preview-38550--osdocs.netlify.app/openshift-enterprise/latest/installing/installing_aws/installing-aws-network-customizations.html#installation-configure-proxy_installing-aws-network-customizations

See also:

// RFE to allow MITM transparent proxy configuration during installation
https://issues.redhat.com/browse/RFE-2181

// Docs issue to add day-2 transparent proxy configuration procedure
https://issues.redhat.com/browse/OSDOCS-2945

@openshift-ci openshift-ci bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Nov 10, 2021
@netlify
Copy link

netlify bot commented Nov 10, 2021
edited

✔️ Deploy Preview for osdocs ready!

🔨 Explore the source changes: deb9043

🔍 Inspect the deploy log: https://app.netlify.com/sites/osdocs/deploys/61b1f19d2d0b1c00085cc86f

😎 Browse the preview: https://deploy-preview-38550--osdocs.netlify.app

@ctauchen
Copy link
Contributor Author

@jiajliu Can you take a look?

@jiajliu
Copy link

jiajliu commented Nov 10, 2021

I'm not sure if any problems after we remove the workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1782900. @sdodson @patrickdillon Could you help confirm for the change? Also cc installer QE @gpei

@ctauchen
Copy link
Contributor Author

cc @kalexand-rh

@gpei
Copy link

gpei commented Nov 11, 2021
edited

I think what we clarified in another PR that

If you provide `additionalTrustBundle` and at least one proxy setting, the `Proxy` object is configured to reference the `user-ca-bundle` config map in the `trustedCA` field

which is also applicable for this case an MITM transparent proxy network that does not require additional proxy configuration but requires additional CAs, so for now, at least one proxy setting is required.

If we want to add additionalTrustBundle to proxy but without specify any proxy settings, or just set noProxy to *, this should be something we expected from https://issues.redhat.com/browse/RFE-2181.

@jiajliu
Copy link

jiajliu commented Nov 12, 2021

@ctauchen As for noProxy to * you asked, i think noProxy to * is also the same issue with httpProxy: ''. So if we want to use openshift-install binary to create cluster or configs with this config, i think it's not possible now. Although we can change Proxy setting in manifest file as a workaround(like the way in https://bugzilla.redhat.com/show_bug.cgi?id=1782900#c0). But since the pr is about configuring install-config.yaml, so lgtm. Please correct me if @gpei has different opinion.

@ctauchen
Copy link
Contributor Author

ctauchen commented Nov 16, 2021
edited

I'm not sure if any problems after we remove the workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1782900. @sdodson @patrickdillon Could you help confirm for the change? Also cc installer QE @gpei

@sdodson @patrickdillon

Can you confirm that removing these lines isn't going to cause problems?

The plan, for now:

@ctauchen ctauchen modified the milestones: Future Release, Next Release Nov 16, 2021
@sdodson
Copy link
Member

sdodson commented Nov 29, 2021

If it's not working as documented then removing the suggestion that it works seems unlikely to cause additional issues.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Nov 29, 2021
@ctauchen ctauchen added the peer-review-needed Signifies that the peer review team needs to review this PR label Nov 30, 2021
@mjpytlak
Copy link
Contributor

/lgtm

@jeana-redhat jeana-redhat added peer-review-done Signifies that the peer review team has reviewed this PR and removed peer-review-needed Signifies that the peer review team needs to review this PR labels Nov 30, 2021
@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Dec 9, 2021
@openshift-ci
Copy link

openshift-ci bot commented Dec 9, 2021

New changes are detected. LGTM label has been removed.

@ctauchen ctauchen merged commit cd10e67 into openshift:main Dec 9, 2021
@ctauchen
Copy link
Contributor Author

ctauchen commented Dec 9, 2021

/cherrypick 4.10

@ctauchen
Copy link
Contributor Author

ctauchen commented Dec 9, 2021

/cherrypick enterprise-4.10

@openshift-cherrypick-robot
Copy link

@ctauchen: cannot checkout 4.10: error checking out 4.10: exit status 1. output: error: pathspec '4.10' did not match any file(s) known to git

In response to this:

/cherrypick 4.10

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-cherrypick-robot
Copy link

@ctauchen: new pull request created: #39674

In response to this:

/cherrypick enterprise-4.10

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Dec 9, 2021
Merged
@ctauchen
Copy link
Contributor Author

ctauchen commented Dec 9, 2021

/cherrypick enterprise-4.9

@ctauchen
Copy link
Contributor Author

ctauchen commented Dec 9, 2021

/cherrypick enterprise-4.8

@ctauchen
Copy link
Contributor Author

ctauchen commented Dec 9, 2021

/cherrypick enterprise-4.7

@ctauchen
Copy link
Contributor Author

ctauchen commented Dec 9, 2021

/cherrypick enterprise-4.6

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Dec 9, 2021
Merged
@openshift-cherrypick-robot
Copy link

@ctauchen: new pull request created: #39675

In response to this:

/cherrypick enterprise-4.9

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Dec 9, 2021
Merged
@openshift-cherrypick-robot
Copy link

@ctauchen: new pull request created: #39676

In response to this:

/cherrypick enterprise-4.8

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-cherrypick-robot
Copy link

@ctauchen: #38550 failed to apply on top of branch "enterprise-4.7":

Applying: BZ1866692 Removed broken MITM transparent proxy information
Using index info to reconstruct a base tree...
M	modules/installation-configure-proxy.adoc
Falling back to patching base and 3-way merge...
Auto-merging modules/installation-configure-proxy.adoc
CONFLICT (content): Merge conflict in modules/installation-configure-proxy.adoc
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 BZ1866692 Removed broken MITM transparent proxy information
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherrypick enterprise-4.7

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-cherrypick-robot
Copy link

@ctauchen: #38550 failed to apply on top of branch "enterprise-4.6":

Applying: BZ1866692 Removed broken MITM transparent proxy information
Using index info to reconstruct a base tree...
M	modules/installation-configure-proxy.adoc
Falling back to patching base and 3-way merge...
Auto-merging modules/installation-configure-proxy.adoc
CONFLICT (content): Merge conflict in modules/installation-configure-proxy.adoc
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 BZ1866692 Removed broken MITM transparent proxy information
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherrypick enterprise-4.6

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

This was referenced Dec 9, 2021
Merged
Merged
@mrbarge mrbarge mentioned this pull request Dec 16, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@sdodson sdodson

@mjpytlak mjpytlak

Labels
branch/enterprise-4.6 branch/enterprise-4.7 branch/enterprise-4.8 branch/enterprise-4.9 branch/enterprise-4.10 peer-review-done Signifies that the peer review team has reviewed this PR size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
Next Release
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@ctauchen @jiajliu @gpei @sdodson @mjpytlak @openshift-cherrypick-robot @jeana-redhat