Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

setting http_proxy env on [engine] table results in containers always having http_proxy #8843

Closed
ahmadalli opened this issue Dec 28, 2020 · 5 comments · Fixed by #8905
Closed

setting http_proxy env on [engine] table results in containers always having http_proxy #8843

ahmadalli opened this issue Dec 28, 2020 · 5 comments · Fixed by #8905
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@ahmadalli
Copy link

ahmadalli commented Dec 28, 2020
edited
Loading

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug

Description

Steps to reproduce the issue:

  1. set http_proxy env on [engine] table on `/etc/containers/containers.conf 
    env = [
     "http_proxy=http://1.2.3.4:5678",
     "https_proxy=http://1.2.3.4:5678",
     "no_proxy=localhost,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16",
   ]
  2. set http_proxy to false on [containers] table 
    http_proxy = false
  3. check the results 
    podman run --rm docker.io/library/alpine printenv http_proxy

Describe the results you received:

the output of the last step would be http://1.2.3.4:5678

but if we add --http-proxy=false to the command, it works fine

podman run --rm --http-proxy=false docker.io/library/alpine printenv http_proxy

Describe the results you expected:

the last step shouldn't have any output

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Version:      2.2.1
API Version:  2.1.0
Go Version:   go1.15.2
Built:        Thu Jan  1 03:30:00 1970
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.18.0
  cgroupManager: systemd
  cgroupVersion: v1
  conmon:
    package: 'conmon: /usr/libexec/podman/conmon'
    path: /usr/libexec/podman/conmon
    version: 'conmon version 2.0.22, commit: '
  cpus: 24
  distribution:
    distribution: ubuntu
    version: "20.04"
  eventLogger: journald
  hostname: nebula6
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 5.4.0-58-generic
  linkmode: dynamic
  memFree: 29907927040
  memTotal: 67501182976
  ociRuntime:
    name: crun
    package: 'crun: /usr/bin/crun'
    path: /usr/bin/crun
    version: |-
      crun version 0.16.3-fd58-dirty
      commit: fd582c529489c0738e7039cbc036781d1d039014
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
  os: linux
  remoteSocket:
    path: /run/podman/podman.sock
  rootless: false
  slirp4netns:
    executable: ""
    package: ""
    version: ""
  swapFree: 8589930496
  swapTotal: 8589930496
  uptime: 335h 14m 34.85s (Approximately 13.96 days)
registries:
  search:
  - docker.io
  - registry.fedoraproject.org
  - quay.io
  - registry.access.redhat.com
  - registry.centos.org
store:
  configFile: /etc/containers/storage.conf
  containerStore:
    number: 1
    paused: 0
    running: 0
    stopped: 1
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /var/lib/containers/storage
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageStore:
    number: 3
  runRoot: /var/run/containers/storage
  volumePath: /var/lib/containers/storage/volumes
version:
  APIVersion: 2.1.0
  Built: 0
  BuiltTime: Thu Jan  1 03:30:00 1970
  GitCommit: ""
  GoVersion: go1.15.2
  OsArch: linux/amd64
  Version: 2.2.1

Package info (e.g. output of rpm -q podman or apt list podman):

podman/unknown,now 2.2.1~4 amd64 [installed]
podman/unknown 2.2.1~4 arm64
podman/unknown 2.2.1~4 armhf
podman/unknown 2.2.1~4 s390x

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide?

Yes

Additional environment details (AWS, VirtualBox, physical, etc.): baremetal
@openshift-ci-robot openshift-ci-robot added the kind/bug Categorizes issue or PR as related to a bug. label Dec 28, 2020
@rhatdan
Copy link
Member

rhatdan commented Dec 28, 2020

This is simple to fix on the podman local side, but difficult to fix on the remote side.

rhatdan added a commit to rhatdan/podman that referenced this issue Dec 28, 2020
@rhatdan
Use HTTPProxy settings from containers.conf
3855293 
This PR takes the settings from containers.conf and uses
them.  This works on the podman local but does not fix the
issue for podman remote or for APIv2.  We need a way
to specify optionalbooleans when creating containers.

Fixes: containers#8843

Signed-off-by: Daniel J Walsh <[email protected]>
@rhatdan rhatdan mentioned this issue Dec 28, 2020
Closed
@ahmadalli
Copy link
Author

Shouldn't remote obey it's own containser.json configuration? since what are we considering engine when we use remote mode? the client or the podman socket running in the target host?

@rhatdan
Copy link
Member

rhatdan commented Dec 29, 2020

No the goal is to be able to set server side defaults, and then allow users to override them. This works fine for everything except booleans, Since the default unset state of a boolean is false, there is no way to know if a user set it to false versus just sending the default.

@ahmadalli
Copy link
Author

why http_proxy should be enabled by default?

@rhatdan
Copy link
Member

rhatdan commented Dec 29, 2020

Let's ignore podman-remote and just look at the APIV2. If I am sing podman-py and create a container and the user does not specify http_proxy, then the server should default to true, based on containers.conf. If the user specifies http_proxy=false, then we should fall back to not doing http_proxy. The issue is the server currently can not tell the difference between the user specifying nothing and the user specying false. So if server default is true, what should server do?

The better solution is to use an optionalbool in the parameter rather then a regular bool. That allows the user to know if the user specified true/false or did not specify.

@rhatdan rhatdan mentioned this issue Jan 7, 2021
Merged
rhatdan added a commit to rhatdan/podman that referenced this issue Jan 11, 2021
@rhatdan
Use HTTPProxy settings from containers.conf
1c1e670 
This PR takes the settings from containers.conf and uses
them.  This works on the podman local but does not fix the
issue for podman remote or for APIv2.  We need a way
to specify optionalbooleans when creating containers.

Fixes: containers#8843

Signed-off-by: Daniel J Walsh <[email protected]>
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 22, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 22, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
3 participants
@rhatdan @ahmadalli @openshift-ci-robot