As a dev I am curious how this is handled in our code. Does every usage of
RestClient need to know about the existence of a proxy? Are there multiple
proxies for different aspects (eg. https://cdn.redhat.com vs.
https://myinternalserver.example.com)?
···
On Thu, Apr 20, 2017 at 8:43 AM, Timo Goebel wrote:Hi,
Am 20.04.17 um 13:06 schrieb Sebastian Gräßl:
How common is a setup where external resources requiring HTTP are used
with Foreman behind a HTTP proxy?I believe, this is very common in enterprise environments. Usually any
internet access is blocked for security reasons and only connections via a
proxy server are allowed. The proxy ususally does a MITM attack to be able
to investigate encrypted traffic. While this does make sense in some cases,
don’t get me started why it does not make any sense in others.Comments?
I think especially access to all the docker registries out there is
something a corporate it-security team would want to go through a proxy
server. Setting a proxy server on a server via environment variables
(http_proxy) is quite easy with systemd unit files. However that may lead
to problems when the client doesn’t respect the ‘no_proxy’ environment
variable and suddenly all requests to a smart proxy are routed via the http
proxy. This is problematic when smart-proxy is on the same network and not
reachable via the proxy server.
I personally prefer only to have an explicit option in a settings file.
- Timo
–
You received this message because you are subscribed to the Google Groups
“foreman-dev” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-dev+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.