On 09/08/2015 10:15 AM, Frank, Petric (Petric) wrote:
Hello,
after some "try and error" I got some workaround. I modified the ceph key URL
to use http instead of https.
The web server SSL key cert of ceph.org is not listed in any official CA.
Using wget for a test download i get:
root@proxmox4:~# wget -O xxx
https://git.ceph.com/?p=ceph.git;a=blob_plain;f=keys/release.asc
--2015-09-08 10:57:11-- https://git.ceph.com/?p=ceph.git
Resolving <proxy-host> (<proxy-host>)... xxx.xxx.xxx.xxx
Connecting <proxy-host> (<proxy-host>)|xxx.xxx.xxx.xxx|:8080... connected.
ERROR: The certificate of `git.ceph.com' is not trusted.
ERROR: The certificate of `git.ceph.com' hasn't got a known issuer.
It may be that the perl class LWP::UserAgent is not able to handle this.
No it is, AFAIK. It's the reason we use it instead of wget, quoting the
comments from the code:
# Note: wget on Debian wheezy cannot handle new ceph.com certificates, so
# we use LWP::UserAgent
Stupid question but can your proxy handle the https stuff?
So i temporarily patched /usr/bin/pveceph to use
http://git.ceph.com/?p=ceph.git;a=blob_plain;f=keys/release.asc to obtain the
PGP key.
you only modified the URL, and it worked? https should be preferred
though, to counter man in the middle attacks and other security issues.
Regards
Kind regards
Petric
-----Original Message-----
From: pve-user [mailto:pve-user-boun...@pve.proxmox.com] On Behalf Of
Thomas Lamprecht
Sent: Dienstag, 8. September 2015 09:38
To: pve-user@pve.proxmox.com
Subject: Re: [PVE-User] Ceph install failed
On 09/08/2015 09:30 AM, Frank, Petric (Petric) wrote:
Hello,
i got a little further.
After viewing the script i realized that i have to set the env
variables
http(s)_proxy
http://search.cpan.org/~ether/libwww-perl-
6.13/lib/LWP/UserAgent.pm#Proxy_attributes
look at the 'env_proxy' entry, but I think you figured that out
already.
After doing so (export http(s)_proxy=http://<proxy-server>:<proxy-
port>) i get another error:
you did:
> export http_proxy=http://...
you can also use:
http_proxy=http://... pveceph install -version hammer
root@proxmox4:~# pveceph install -version hammer
download and import ceph repository keys
unable to download ceph release key: 400 Bad Request
400 looks like it didn't has the completely correct proxy settings?
Any ideas ?
Kind regards
Petric
-----Original Message-----
From: pve-user [mailto:pve-user-boun...@pve.proxmox.com] On Behalf
Of
Frank, Petric (Petric)
Sent: Dienstag, 8. September 2015 08:51
To: pve-user@pve.proxmox.com
Subject: [PVE-User] Ceph install failed
Hello,
i tried to setup a ceph-cluster on machines located behind a http-
proxy. I followed the guide at
http://pve.proxmox.com/wiki/Ceph_Server
But I got this:
root@proxmox4:~# pveceph install -version hammer
download and import ceph repository keys
unable to download ceph release key: 500 Can't connect to
git.ceph.com:443 (timeout)
I've updated the proxy entries at /etc/wgetrc - also apt.conf was
updated to reflect the proxy server setting. But I got the same
output.
Is there another location to be provided with a proxy setting to get
this working ?
Installed is Proxmox 3.4 with the latest updates applied as of
today.
Kind regards
Petric
_______________________________________________
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
_______________________________________________
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
_______________________________________________
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
_______________________________________________
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
_______________________________________________
pve-user mailing list
pve-user@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user