-
Task
-
Resolution: Done
-
Undefined
-
None
-
False
-
None
-
False
-
No
-
-
Prerequisite: Start with what we have
Describe the changes in the doc and link to your dev story
Add example configuration for proxy fields to the infraenv and add a note saying that noProxy needs to reference individual IPs (rather than a CIDR range) for IPv6 addresses.
Specifically I'd expect the infraEnv example to look something like this:
apiVersion: agent-install.openshift.io/v1beta1
kind: InfraEnv
metadata:
name: myinfraenv
namespace: demo-worker4
spec:
clusterRef:
name: single-node 1
namespace: demo-worker4 2
pullSecretRef:
name: pull-secret
sshAuthorizedKey: <your_public_key_here> 3
nmStateConfigLabelSelector:
matchLabels:
demo-nmstate-label: value 4
proxy: 5
httpProxy: http://USERNAME:PASSWORD@proxy.example.com:PORT
httpsProxy: https://USERNAME:PASSWORD@proxy.example.com:PORT
noProxy: .example.com,172.22.0.0/24,10.10.0.0/24
1. ...
2. ...
3. ...
4. ...
5. Optional: You can specify proxy settings required by the host during discovery in the proxy section.
NOTE: When provisioning with IPv6, you cannot define a CIDR address block in the noProxy settings. You must define each address separately.
This note was taken from the corresponding note in the OCP docs here: https://docs.openshift.com/container-platform/4.15/installing/installing_bare_metal_ipi/ipi-install-installation-workflow.html#ipi-install-setting-proxy-settings-within-install-config_ipi-install-installation-workflow
The bug this works around is https://issues.redhat.com/browse/ACM-9978
Provide info for the following steps:
1. - [x] Mandatory Add the required version to the Fix version/s field.
2. - [x] Mandatory Choose the type of documentation change.
- [ ] New topic in an existing section or new section
- [x] Update to an existing topic
3. - [ ] Mandatory for GA content:
- [x] Add steps and/or other important conceptual information here: No new steps, just adding some more example data and a note.
- [x] Add Required access level for the user to complete the task here: Same access as is required to create an infraenv today.
- [x] Add verification at the end of the task, how does the user verify success (a command to run or a result to see?): If the user required some traffic within an ipv6 network to not be proxied, but they provided a CIDR rather than individual addresses that traffic would be proxied.
In most cases it would mean that the agent would likely not be able to register (assuming traffic from the hosts to the hub would not be proxied).
- [x] Add link to dev story here: https://issues.redhat.com/browse/ACM-9978
4. - [ ] Mandatory for bugs: What is the diff? Clearly define what the problem is, what the change is, and link to the current documentation:
