New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
minion daemon fails to install packages when environment requires http proxy #21985
Comments
I found a solution that worked. Added proxy to /etc/yum.conf |
You can also add it to a
|
I think |
@basepi what I meant is that I expected some parameter in the minion config to set the proxy. |
Ya, we wouldn't want to do it as part of the config. However, we could potentially add some sort of state or module to enable this configuration for you, and then you could add it to your workflow. I'm going to mark this as a feature. |
+1 |
I don't think why not load |
I agree with @dove-young ; It's basically a function of the packaging manager. See also #18120 |
Looks like this problem has been open since March, is anyone doing anything about it? Running a salt-minion behind a web proxy should be very common and there has to be a simple way of doing it. |
@andretost I think you're misunderstanding, this doesn't have to do with installing salt, but rather installing packages using salt. When salt calls out to yum, yum is not properly using the proxy. I think the solution is likely that we just need to add the ability to set the system-wide proxy so that yum will follow it. |
Yes, I realize that, sorry if I sounded confused. :-) I wasn't referring to installing salt. In my concrete case, I am using archive.extracted with a source URL that is behind a proxy. And I set the proxy in /etc/environment. I have a state that runs apt-get in a cmd.run and that works fine (only if I call salt-minion-d, not when I do service salt-minion start). But archive.extracted does not, and posts I found suggest that it is file.managed causing my problem. |
Interesting. Was the proxy configured when the minion was started? We may have to look into making sure the minion leverages those environment variables. |
I have the proxy defined in /etc/environment before installing the minion. I use the bootstrap script to install the minion (including the -H option with the proxy), which also starts it.
Note, though, that I do all this from within an Openstack Heat template, which uses cloud-init to run the logic above. If I simply ssh into my VM and run 'salt-minion -d' from there, it properly picks up the proxy definition. So I take that cloud-init does not pick up stuff from /etc/environment. |
Yes, it would be useful to be able to just set it in the minion config. I'm just unsure of the best way to then inject that into the running environment for the minion. It will take some investigation. |
I've done a PR which has been merged which addresses some of these issues, basically you can define: proxy_host/proxy_port/proxy_username/proxy_password in the /etc/salt/minion config and the file.managed resources will use the proxy supplied |
Old thread. Working solution for my setup. I've found that upstart does not support /etc/environment, so salt-minion gets started with no environment. If you modify the /etc/init/salt-minion.conf to do "exec su root -c salt-minion" then it starts salt-minion with the environment set |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue. |
My environment requires access via http proxy.
I use RHEL 6.4 and run salt-minion as a service.
When I try to use state.sls to install packages, I get failures ("Error Downloading Packages" in log)
I have tried setting htt_proxy, https_proxy in ~root/.profile and also in /etc/environment (and re-starting the minion service) but that does not work.
I found prior issues on this:
#5937
#13786
but no indication of what the final resolution is, if any.
The text was updated successfully, but these errors were encountered: