Hello, http is correct - in our environment. Also used for ftp requests (like given in wgetrc), because we do not have an ftp proxy.
For example in the Firefox network config the proxy-protocol is not given, but used for all requested protocols. Kind regards Petric > -----Original Message----- > From: pve-user [mailto:[email protected]] On Behalf Of > Thomas Lamprecht > Sent: Dienstag, 8. September 2015 11:37 > To: [email protected] > Subject: Re: [PVE-User] Ceph install failed > > > > On 09/08/2015 11:32 AM, Frank, Petric (Petric) wrote: > > Hello, > > > > no, "https_proxy=http://<proxy-host>:<proxy-port> pveceph install - > version hammer" does not work. > hmm, shouldn't there be https://<proxy-host>:<proxy-port> ... > (note the s ) or am I mistaken? > > > It aborts in the PGP-key getting phase. > > > > Kind regards > > Petric > > > > > >> -----Original Message----- > >> From: Thomas Lamprecht [mailto:[email protected]] > >> Sent: Dienstag, 8. September 2015 11:18 > >> To: Frank, Petric (Petric); [email protected] > >> Subject: Re: [PVE-User] Ceph install failed > >> > >> > >> > >> On 09/08/2015 10:43 AM, Frank, Petric (Petric) wrote: > >>> Hello, > >>> > >>> yes, our proxy is able to handle this: > >>> > >>> root@proxmox4:~# wget --no-check-certificate -O xxx > >> https://git.ceph.com/?p=ceph.git;a=blob_plain;f=keys/release.asc > >>> --2015-09-08 11:29:39-- https://git.ceph.com/?p=ceph.git > >>> Resolving <proxy-host> (<proxy-host>)... xxx.xxx.xxx.xxx > >>> Connecting to <proxy-host> (<proxy-host>)| xxx.xxx.xxx.xxx > >> |:8080... connected. > >>> WARNING: The certificate of `git.ceph.com' is not trusted. > >>> WARNING: The certificate of `git.ceph.com' hasn't got a known > >> issuer. > >>> Proxy request sent, awaiting response... 200 OK > >>> Length: 34372 (34K) [text/html] > >>> Saving to: `xxx' > >>> > >>> > >> > 100%[================================================================== > >> ======>] 34,372 71.4K/s in 0.5s > >>> 2015-09-08 11:29:46 (71.4 KB/s) - `xxx' saved [34372/34372] > >>> > >>> As you can see i simply disabled cert checks. > >> Unusable for general use, as we _want_ cert checks, else https is > >> unsecure. > >> > >> Only to know, > >> > >> https_proxy=https://your.proxy pveceph install -version hammer > >> > >> didn't work? > >>> Kind regards > >>> Petric > >>> > >>>> -----Original Message----- > >>>> From: pve-user [mailto:[email protected]] On Behalf > >> Of > >>>> Thomas Lamprecht > >>>> Sent: Dienstag, 8. September 2015 10:30 > >>>> To: [email protected] > >>>> Subject: Re: [PVE-User] Ceph install failed > >>>> > >>>> > >>>> > >>>> On 09/08/2015 10:15 AM, Frank, Petric (Petric) wrote: > >>>>> Hello, > >>>>> > >>>>> after some "try and error" I got some workaround. I modified the > >>>>> ceph > >>>> key URL to use http instead of https. > >>>>> The web server SSL key cert of ceph.org is not listed in any > >>>>> official > >>>> CA. > >>>>> Using wget for a test download i get: > >>>>> > >>>>> root@proxmox4:~# wget -O xxx > >>>> https://git.ceph.com/?p=ceph.git;a=blob_plain;f=keys/release.asc > >>>>> --2015-09-08 10:57:11-- https://git.ceph.com/?p=ceph.git > >>>>> Resolving <proxy-host> (<proxy-host>)... xxx.xxx.xxx.xxx > >>>>> Connecting <proxy-host> (<proxy- > host>)|xxx.xxx.xxx.xxx|:8080... > >>>> connected. > >>>>> ERROR: The certificate of `git.ceph.com' is not trusted. > >>>>> ERROR: The certificate of `git.ceph.com' hasn't got a known > >>>> issuer. > >>>>> It may be that the perl class LWP::UserAgent is not able to > handle > >>>> this. > >>>> No it is, AFAIK. It's the reason we use it instead of wget, > quoting > >>>> the comments from the code: > >>>>> # Note: wget on Debian wheezy cannot handle new ceph.com > >>>> certificates, > >>>>> so # we use LWP::UserAgent > >>>> Stupid question but can your proxy handle the https stuff? > >>>>> So i temporarily patched /usr/bin/pveceph to use > >>>> http://git.ceph.com/?p=ceph.git;a=blob_plain;f=keys/release.asc to > >>>> obtain the PGP key. > >>>> you only modified the URL, and it worked? https should be > preferred > >>>> though, to counter man in the middle attacks and other security > >> issues. > >>>> Regards > >>>>> Kind regards > >>>>> Petric > >>>>> > >>>>> > >>>>>> -----Original Message----- > >>>>>> From: pve-user [mailto:[email protected]] On > >>>>>> Behalf > >>>> Of > >>>>>> Thomas Lamprecht > >>>>>> Sent: Dienstag, 8. September 2015 09:38 > >>>>>> To: [email protected] > >>>>>> Subject: Re: [PVE-User] Ceph install failed > >>>>>> > >>>>>> > >>>>>> > >>>>>> On 09/08/2015 09:30 AM, Frank, Petric (Petric) wrote: > >>>>>>> Hello, > >>>>>>> > >>>>>>> i got a little further. > >>>>>>> > >>>>>>> After viewing the script i realized that i have to set the env > >>>>>> variables > >>>>>>> http(s)_proxy > >>>>>> http://search.cpan.org/~ether/libwww-perl- > >>>>>> 6.13/lib/LWP/UserAgent.pm#Proxy_attributes > >>>>>> > >>>>>> look at the 'env_proxy' entry, but I think you figured that out > >>>>>> already. > >>>>>>> After doing so (export http(s)_proxy=http://<proxy- > >> server>:<proxy- > >>>>>> port>) i get another error: > >>>>>> you did: > >>>>>> > export http_proxy=http://... > >>>>>> > >>>>>> you can also use: > >>>>>> http_proxy=http://... pveceph install -version hammer > >>>>>>> root@proxmox4:~# pveceph install -version hammer > >>>>>>> download and import ceph repository keys > >>>>>>> unable to download ceph release key: 400 Bad Request > >>>>>> 400 looks like it didn't has the completely correct proxy > >> settings? > >>>>>>> Any ideas ? > >>>>>>> > >>>>>>> Kind regards > >>>>>>> Petric > >>>>>>> > >>>>>>>> -----Original Message----- > >>>>>>>> From: pve-user [mailto:[email protected]] On > >>>>>>>> Behalf > >>>>>> Of > >>>>>>>> Frank, Petric (Petric) > >>>>>>>> Sent: Dienstag, 8. September 2015 08:51 > >>>>>>>> To: [email protected] > >>>>>>>> Subject: [PVE-User] Ceph install failed > >>>>>>>> > >>>>>>>> Hello, > >>>>>>>> > >>>>>>>> i tried to setup a ceph-cluster on machines located behind a > >>>>>>>> http- proxy. I followed the guide at > >>>>>>>> http://pve.proxmox.com/wiki/Ceph_Server > >>>>>>>> > >>>>>>>> But I got this: > >>>>>>>> root@proxmox4:~# pveceph install -version hammer > >>>>>>>> download and import ceph repository keys > >>>>>>>> unable to download ceph release key: 500 Can't connect > to > >>>>>>>> git.ceph.com:443 (timeout) > >>>>>>>> > >>>>>>>> I've updated the proxy entries at /etc/wgetrc - also apt.conf > >> was > >>>>>>>> updated to reflect the proxy server setting. But I got the > same > >>>>>> output. > >>>>>>>> Is there another location to be provided with a proxy setting > >>>>>>>> to get this working ? > >>>>>>>> > >>>>>>>> > >>>>>>>> Installed is Proxmox 3.4 with the latest updates applied as of > >>>>>> today. > >>>>>>>> Kind regards > >>>>>>>> Petric > >>>>>>>> > >>>>>>>> _______________________________________________ > >>>>>>>> pve-user mailing list > >>>>>>>> [email protected] > >>>>>>>> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > >>>>>>> _______________________________________________ > >>>>>>> pve-user mailing list > >>>>>>> [email protected] > >>>>>>> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > >>>>>>> > >>>>>> _______________________________________________ > >>>>>> pve-user mailing list > >>>>>> [email protected] > >>>>>> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > >>>>> _______________________________________________ > >>>>> pve-user mailing list > >>>>> [email protected] > >>>>> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > >>>>> > >>>> _______________________________________________ > >>>> pve-user mailing list > >>>> [email protected] > >>>> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > > _______________________________________________ > > pve-user mailing list > > [email protected] > > http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user > > > > > _______________________________________________ > pve-user mailing list > [email protected] > http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user _______________________________________________ pve-user mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
