From 1d467d5a34f446459dc5035b1ec7210fecce9931 Mon Sep 17 00:00:00 2001
From: Scott Dodson <sdodson@redhat.com>
Date: Thu, 11 Feb 2016 11:42:59 -0500
Subject: Add global proxy configuration

Configures HTTP_PROXY, HTTPS_PROXY, NO_PROXY for master and docker services.
Configugres BuildDefaults Admission controller for master to automatically
insert proxy environment configuration into build environments.

To use set at least these variables
  - openshift_http_proxy
  - openshift_https_proxy

NO_PROXY entries will automatically be configured for hostnames of all openshift
hosts. You may specify additional NO_PROXY hosts or patterns by setting
`openshift_no_proxy`

If you wish to disable automatic generation of NO_PROXY hosts you may set
`openshift_generate_no_proxy_hosts` to False.

If you wish to have different builddefaults proxy configuration than baseline
proxy configuration set these variables
  - openshift_builddefaults_http_proxy
  - openshift_builddefaults_https_proxy
  - openshift_builddefaults_no_proxy
  - openshift_builddefaults_git_http_proxy
  - openshift_builddefaults_git_https_proxy
---
 roles/openshift_master/meta/main.yml                     |  1 +
 .../templates/atomic-openshift-master.j2                 | 16 +++++++++++-----
 .../native-cluster/atomic-openshift-master-api.j2        | 15 ++++++++++-----
 .../atomic-openshift-master-controllers.j2               | 15 ++++++++++-----
 4 files changed, 32 insertions(+), 15 deletions(-)

(limited to 'roles/openshift_master')

diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml
index 0d4241e2c..e882e0b8b 100644
--- a/roles/openshift_master/meta/main.yml
+++ b/roles/openshift_master/meta/main.yml
@@ -15,5 +15,6 @@ dependencies:
 - role: openshift_docker
 - role: openshift_cli
 - role: openshift_cloud_provider
+- role: openshift_builddefaults
 - role: openshift_master_facts
 - role: openshift_hosted_facts
diff --git a/roles/openshift_master/templates/atomic-openshift-master.j2 b/roles/openshift_master/templates/atomic-openshift-master.j2
index 862cfa8f1..c70f3ec57 100644
--- a/roles/openshift_master/templates/atomic-openshift-master.j2
+++ b/roles/openshift_master/templates/atomic-openshift-master.j2
@@ -10,8 +10,14 @@ AWS_SECRET_ACCESS_KEY={{ openshift.cloudprovider.aws.secret_key }}
 {% endif %}
 
 # Proxy configuration
-# Origin uses standard HTTP_PROXY environment variables. Be sure to set
-# NO_PROXY for your master
-#NO_PROXY=master.example.com
-#HTTP_PROXY=http://USER:PASSWORD@IPADDR:PORT
-#HTTPS_PROXY=https://USER:PASSWORD@IPADDR:PORT
+# See https://docs.openshift.com/enterprise/latest/install_config/install/advanced_install.html#configuring-global-proxy
+{% if 'http_proxy' in openshift.common or 'https_proxy' in openshift.common %}
+HTTP_PROXY='{{ openshift.common.http_proxy | default('') }}'
+HTTPS_PROXY='{{ openshift.common.https_proxy | default('')}}'
+NO_PROXY='{{ openshift.common.no_proxy | default('') | join(',') }},{{ openshift.master.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }}'
+{% else %}
+#HTTP_PROXY=http://user:pass@proxy.example.com
+#HTTPS_PROXY=http://user:pass@proxy.example.com
+#NO_PROXY='.hosts.example.com'
+{% endif %}
+
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
index 69754ee10..549ebe5ab 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2
@@ -10,8 +10,13 @@ AWS_SECRET_ACCESS_KEY={{ openshift.cloudprovider.aws.secret_key }}
 {% endif %}
 
 # Proxy configuration
-# Origin uses standard HTTP_PROXY environment variables. Be sure to set
-# NO_PROXY for your master
-#NO_PROXY=master.example.com
-#HTTP_PROXY=http://USER:PASSWORD@IPADDR:PORT
-#HTTPS_PROXY=https://USER:PASSWORD@IPADDR:PORT
+# See https://docs.openshift.com/enterprise/latest/install_config/install/advanced_install.html#configuring-global-proxy
+{% if 'http_proxy' or 'https_proxy' in openshift.common %}
+HTTP_PROXY='{{ openshift.common.http_proxy | default('') }}'
+HTTPS_PROXY='{{ openshift.common.https_proxy | default('')}}'
+NO_PROXY='{{ openshift.common.no_proxy | default('') | join(',') }},{{ openshift.master.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }}'
+{% else %}
+#HTTP_PROXY=http://user:pass@proxy.example.com
+#HTTPS_PROXY=http://user:pass@proxy.example.com
+#NO_PROXY='.hosts.example.com'
+{% endif %}
diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
index 048a4305a..08dc87d2e 100644
--- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
+++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2
@@ -10,8 +10,13 @@ AWS_SECRET_ACCESS_KEY={{ openshift.cloudprovider.aws.secret_key }}
 {% endif %}
 
 # Proxy configuration
-# Origin uses standard HTTP_PROXY environment variables. Be sure to set
-# NO_PROXY for your master
-#NO_PROXY=master.example.com
-#HTTP_PROXY=http://USER:PASSWORD@IPADDR:PORT
-#HTTPS_PROXY=https://USER:PASSWORD@IPADDR:PORT
+# See https://docs.openshift.com/enterprise/latest/install_config/install/advanced_install.html#configuring-global-proxy
+{% if 'http_proxy' or 'https_proxy' in openshift.common %}
+HTTP_PROXY='{{ openshift.common.http_proxy | default('') }}'
+HTTPS_PROXY='{{ openshift.common.https_proxy | default('')}}'
+NO_PROXY='{{ openshift.common.no_proxy | default('') | join(',') }},{{ openshift.master.portal_net }},{{ openshift.master.sdn_cluster_network_cidr }}'
+{% else %}
+#HTTP_PROXY=http://user:pass@proxy.example.com
+#HTTPS_PROXY=http://user:pass@proxy.example.com
+#NO_PROXY='.hosts.example.com'
+{% endif %}
-- 
cgit v1.2.3