rancher
/
elemental-docs
mirror of https://github.com/rancher/elemental-docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
elemental-docs/docs/elemental_behind_proxy.md

3.5 KiB
Raw Permalink Blame History

sidebar_label title
Elemental behind proxy
<head> </head>

import RegistrationProxy from "!!raw-loader!@site/examples/proxy/registration-proxy.yaml" import SeedimageProxy from "!!raw-loader!@site/examples/proxy/seedimage-proxy.yaml" import ClusterProxy from "!!raw-loader!@site/examples/proxy/cluster-proxy.yaml"

Introduction

In a lot of enterprise environments, servers or VMs running on premises do not have direct Internet access. Instead, the connection to external services is done through a HTTP(S) proxy for security reasons. This tutorial shows you how to set up an Elemental deployment in such an environment.

:::caution important note This guide will not cover the Rancher installation behind a proxy. It's a different use case and you can find the detailed documentation here. :::

:::info info For this documentation, we assume you are using a SUSE family system (like SLE Micro), so proxy settings have to be written in /etc/sysconfig/proxy. :::

Proxy settings must be configured in the following locations:

  • Machine Registration Endpoint
  • SeedImage resource
  • Elemental cluster configuration

The elemental-system-agent needs proxy settings to reach the Rancher Manager. To achieve that, you need to fill the cloud-init section of the Machine Registration Endpoint.

You can do it either with UI or CLI.

{RegistrationProxy}

Add proxy settings in Machine Registration

Elemental-register

Elemental-register is the first communication endpoint between the new host and Rancher Manager, this is the first place where proxy settings need to be set.

:::warning warning At the time of writing, it's only possible to configure proxy settings for the ISO with the CLI. The proxy settings aren't implemented in the UI. :::

The process happens when you boot your Elemental ISO for the first time, in order to configure the proxy settings you have to include a cloud-init definition in the ISO. To do that, you have to create a SeedImage definition.

{SeedimageProxy}

Apply the YAML with kubectl and then, print your SeedImage definition to get the URL to download it:

kubectl apply -f <my_seedimage_yaml_file>
kubectl get seedimage <seed_image_name> -n <namespace> -o yaml

Boot the ISO and you should see your new system appears in Machine inventory.

Create Elemental cluster

For this step, you can use either the UI or CLI.

{ClusterProxy} You can see that proxy settings are added below `agentEnvVars`.

Add proxy settings for Elemental cluster