Uploaded image for project: 'Red Hat Insights Engineering'
  1. Red Hat Insights Engineering
  2. RHINENG-24684

Impossible to use Red Hat Lightspeed proxy in the first attempt after installation

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • None
    • Documentation, Proxy
    • Important

      Description of Problem

      After following all the steps from https://docs.redhat.com/en/documentation/red_hat_lightspeed/1-latest/html-single/connecting_your_rhel_systems_through_the_red_hat_lightspeed_proxy/index#proxy-installation-procedures , still the curl command fails to connect to the expected URLs through rhproxy , which is mentioned as the verifiation step in https://docs.redhat.com/en/documentation/red_hat_lightspeed/1-latest/html-single/connecting_your_rhel_systems_through_the_red_hat_lightspeed_proxy/index#adding_the_required_red_hat_hostnames_to_your_firewall_allowlist section.

      How reproducible

      (Always)

      Steps to Reproduce

      1. Install a RHEL 9.7 and connect it with redhat
      2. Follow Chapter 2 to install and start rhproxy 
      3. As mentioned in the Verification steps of 2.4.1 , use the curl command to verify connectivity to fedora mirror. 
        curl -L -x http://$(hostname):3128 https://mirrors.fedoraproject.org/ 

      Actual Behavior

      curl: (56) Proxy CONNECT aborted

      Received HTTP code 502 from proxy after CONNECT

      Expected Behavior

      No such errors.

      Business Impact / Additional info

      This happens as the rhproxy uses 1.1.1.1 DNS server as configured in /home/rhproxy/.config/rhproxy/env/rhproxy.env file and, nowhere in the docs we mention about updating the DNS config in this file, specifically , to make sure rhproxy works in user environments. Using 1.1.1.1 does not even works in RHs own environment. 

      We can only make it work, after noticing https://docs.redhat.com/en/documentation/red_hat_lightspeed/1-latest/html-single/connecting_your_rhel_systems_through_the_red_hat_lightspeed_proxy/index#customizing-the-rhproxy-configuration and then fixing the value for RHPROXY_DNS_SERVER 

       

      In my honest opinion, either the `rhproxy` command line should have a way to pass and override the default dns server entry or else the following sections of the doc i.e. 

      3.5. Appendix B: Configuration options for the Red Hat Lightspeed proxy

      3.2. Customizing the rhproxy configuration

       

      should come up in the doc, before the curl-based verification step is documented. 

              Unassigned Unassigned
              rhn-support-saydas Sayan Das
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: