-
Bug
-
Resolution: Done
-
Normal
-
6.15.5
-
Rocket
-
0
-
False
-
ansible-collection-redhat-satellite_operations-3.0.1
-
Important
-
Satellite Rocket Sprint 3, Satellite Rocket Sprint 4, Satellite Rocket Sprint 5, Satellite Rocket Sprint 6
-
sat-rocket
-
None
-
None
-
Rejected
-
Automated
After the cloud-connector job is executed, When satellite is configured with proxy, The /etc/systemd/system/rhcd.service.d/proxy.conf has NO_PROXY defined as
Environment=NO_PROXY=https://satellite.example.com
Ideally NO_PROXY is defined as IP or FQDN or a subnet without the network protocol https
This may in some cases cause failures as below where the satellite is not allowed to connect to itself via proxy and rhc still makes that call:
worker.go:111: [/usr/libexec/rhc/foreman-rh-cloud-worker] 2025/05/16 17:37:54 Post "https://satellite.example.com/api/v2/rh_cloud/cloud_request": tls: failed to verify certificate: x509: certificate signed by unknown authority
Possible fix:
diff --git a/roles/cloud_connector/templates/proxy.conf.j2 b/roles/cloud_connector/templates/proxy.conf.j2
index 2965c4b..39edfef 100644
--- a/roles/cloud_connector/templates/proxy.conf.j2
+++ b/roles/cloud_connector/templates/proxy.conf.j2
@@ -1,3 +1,3 @@
[Service]
Environment=HTTPS_PROXY={{ satellite_cloud_connector_http_proxy }}
-Environment=NO_PROXY={{ satellite_cloud_connector_url }}
+Environment=NO_PROXY={{ satellite_cloud_connector_url | regex_replace('^https?://', '') }}
- is cloned by
-
-
- Closed
-
