Skip to content
This repository has been archived by the owner on Jun 20, 2024. It is now read-only.

proxy settings can break 'weave status' and friends #379

Closed
rade opened this issue Jan 31, 2015 · 9 comments
Closed

proxy settings can break 'weave status' and friends #379

rade opened this issue Jan 31, 2015 · 9 comments
Assignees
@awh
Labels
bug
Milestone
0.10.0

Comments

@rade
Copy link
Member

rade commented Jan 31, 2015

A user was seeing

# weave status
<HTML><HEAD><TITLE>Network Error</TITLE></HEAD>
<BODY>
<FONT face="Helvetica"><big><strong></strong></big><BR></FONT>
<blockquote>
<TABLE border=0 cellPadding=1 width="80%">
<TR><TD>
<FONT face="Helvetica"><big>Network Error (tcp_error)</big><BR><BR></FONT>
</TD></TR><TR><TD><FONT face="Helvetica">A communication error
occurred: "No route to host"</FONT></TD></TR><TR><TD>
<FONT face="Helvetica">The Web Server may be down, too busy, or
experiencing other problems preventing it from responding to
requests. You may wish to try again at a later
time.</FONT></TD></TR><TR><TD><FONT face="Helvetica" SIZE=2><BR>For
assistance, contact your network support team.</FONT></TD></TR>
</TABLE>
</blockquote>
</FONT>
</BODY></HTML>

which turned out to be due to proxy settings.

Presumably the same problem arises with all other http interactions between the script and containers, such as connect and all the communication with weavedns.
@rade rade added the bug label Jan 31, 2015
@bboreham
Copy link
Contributor

According to the curl man page, --proxy '' is the way to ask for no proxy.

@rade
Copy link
Member Author

rade commented Jan 31, 2015

Yes, I looked that up last night. This would work currently and I guess is what we should do for now. But it would be wrong for #312. @squaremo?

@errordeveloper
Copy link
Contributor

There is a well-known set of environment variables which would have to check and unset otherwise...

@errordeveloper
Copy link
Contributor

With #388 proxy settings (i.e. environment variables) would be completely isolated, as the container the driver runs in will not inherit those, I believe.

@awh
Copy link
Contributor

awh commented Apr 14, 2015

Is this fixed now that #388 is merged?

@rade
Copy link
Member Author

rade commented Apr 14, 2015

should be fixed. but somebody should have a play.

@awh awh self-assigned this Apr 15, 2015
@rade
Copy link
Member Author

rade commented Apr 15, 2015

One concern I have is whether proxy settings could somehow leak into the weavexec container. After all, it's executing in the host netns and in privileged mode.

@awh
Copy link
Contributor

awh commented Apr 15, 2015

The form of the 'proxy settings' alluded to in the original report is quite vague - are we talking solely about the http_proxy environment variable (and friends) observed by curl and docker? In that case, my testing shows this to be fixed (although obviously if you have docker-affecting proxy env vars set they need to be workable in terms of us being able to docker run the weaveexec container) - as @errordeveloper says the environment variables are isolated from the weaveexec container...

@rade
Copy link
Member Author

rade commented Apr 15, 2015

The original user had http_proxy set.

So let's just leave it at that. Fixed by #388.

@rade rade closed this as completed Apr 15, 2015
@rade rade modified the milestone: 0.10.0 Apr 18, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@awh awh

Labels
bug
Projects
None yet
Milestone
0.10.0
Development

No branches or pull requests
4 participants
@rade @errordeveloper @awh @bboreham