Merge pull request #12483 from csrwng/clusterup_proxy

Merged by openshift-bot

contrib/completions/bash/oc

@@ -5613,6 +5613,10 @@ _oc_cluster_up()
     local_nonpersistent_flags+=("--host-pv-dir=")
     flags+=("--host-volumes-dir=")
     local_nonpersistent_flags+=("--host-volumes-dir=")
+    flags+=("--http-proxy=")
+    local_nonpersistent_flags+=("--http-proxy=")
+    flags+=("--https-proxy=")
+    local_nonpersistent_flags+=("--https-proxy=")
     flags+=("--image=")
     local_nonpersistent_flags+=("--image=")
     flags+=("--image-streams=")
@@ -5621,6 +5625,8 @@ _oc_cluster_up()
     local_nonpersistent_flags+=("--logging")
     flags+=("--metrics")
     local_nonpersistent_flags+=("--metrics")
+    flags+=("--no-proxy=")
+    local_nonpersistent_flags+=("--no-proxy=")
     flags+=("--public-hostname=")
     local_nonpersistent_flags+=("--public-hostname=")
     flags+=("--routing-suffix=")

contrib/completions/bash/openshift

@@ -10411,6 +10411,10 @@ _openshift_cli_cluster_up()
     local_nonpersistent_flags+=("--host-pv-dir=")
     flags+=("--host-volumes-dir=")
     local_nonpersistent_flags+=("--host-volumes-dir=")
+    flags+=("--http-proxy=")
+    local_nonpersistent_flags+=("--http-proxy=")
+    flags+=("--https-proxy=")
+    local_nonpersistent_flags+=("--https-proxy=")
     flags+=("--image=")
     local_nonpersistent_flags+=("--image=")
     flags+=("--image-streams=")
@@ -10419,6 +10423,8 @@ _openshift_cli_cluster_up()
     local_nonpersistent_flags+=("--logging")
     flags+=("--metrics")
     local_nonpersistent_flags+=("--metrics")
+    flags+=("--no-proxy=")
+    local_nonpersistent_flags+=("--no-proxy=")
     flags+=("--public-hostname=")
     local_nonpersistent_flags+=("--public-hostname=")
     flags+=("--routing-suffix=")

contrib/completions/zsh/oc

@@ -5761,6 +5761,10 @@ _oc_cluster_up()
     local_nonpersistent_flags+=("--host-pv-dir=")
     flags+=("--host-volumes-dir=")
     local_nonpersistent_flags+=("--host-volumes-dir=")
+    flags+=("--http-proxy=")
+    local_nonpersistent_flags+=("--http-proxy=")
+    flags+=("--https-proxy=")
+    local_nonpersistent_flags+=("--https-proxy=")
     flags+=("--image=")
     local_nonpersistent_flags+=("--image=")
     flags+=("--image-streams=")
@@ -5769,6 +5773,8 @@ _oc_cluster_up()
     local_nonpersistent_flags+=("--logging")
     flags+=("--metrics")
     local_nonpersistent_flags+=("--metrics")
+    flags+=("--no-proxy=")
+    local_nonpersistent_flags+=("--no-proxy=")
     flags+=("--public-hostname=")
     local_nonpersistent_flags+=("--public-hostname=")
     flags+=("--routing-suffix=")

contrib/completions/zsh/openshift

@@ -10559,6 +10559,10 @@ _openshift_cli_cluster_up()
     local_nonpersistent_flags+=("--host-pv-dir=")
     flags+=("--host-volumes-dir=")
     local_nonpersistent_flags+=("--host-volumes-dir=")
+    flags+=("--http-proxy=")
+    local_nonpersistent_flags+=("--http-proxy=")
+    flags+=("--https-proxy=")
+    local_nonpersistent_flags+=("--https-proxy=")
     flags+=("--image=")
     local_nonpersistent_flags+=("--image=")
     flags+=("--image-streams=")
@@ -10567,6 +10571,8 @@ _openshift_cli_cluster_up()
     local_nonpersistent_flags+=("--logging")
     flags+=("--metrics")
     local_nonpersistent_flags+=("--metrics")
+    flags+=("--no-proxy=")
+    local_nonpersistent_flags+=("--no-proxy=")
     flags+=("--public-hostname=")
     local_nonpersistent_flags+=("--public-hostname=")
     flags+=("--routing-suffix=")

docs/man/man1/oc-cluster-up.1

@@ -61,6 +61,14 @@ A public hostname can also be specified for the server with the \-\-public\-host
 \fB\-\-host\-volumes\-dir\fP="/var/lib/origin/openshift.local.volumes"
     Directory on Docker host for OpenShift volumes
 
+.PP
+\fB\-\-http\-proxy\fP=""
+    HTTP proxy to use for master and builds
+
+.PP
+\fB\-\-https\-proxy\fP=""
+    HTTPS proxy to use for master and builds
+
 .PP
 \fB\-\-image\fP="openshift/origin"
     Specify the images to use for OpenShift
@@ -77,6 +85,10 @@ A public hostname can also be specified for the server with the \-\-public\-host
 \fB\-\-metrics\fP=false
     If true, install metrics (experimental)
 
+.PP
+\fB\-\-no\-proxy\fP=[]
+    List of hosts or subnets for which a proxy should not be used
+
 .PP
 \fB\-\-public\-hostname\fP=""
     Public hostname for OpenShift cluster

docs/man/man1/openshift-cli-cluster-up.1

@@ -61,6 +61,14 @@ A public hostname can also be specified for the server with the \-\-public\-host
 \fB\-\-host\-volumes\-dir\fP="/var/lib/origin/openshift.local.volumes"
     Directory on Docker host for OpenShift volumes
 
+.PP
+\fB\-\-http\-proxy\fP=""
+    HTTP proxy to use for master and builds
+
+.PP
+\fB\-\-https\-proxy\fP=""
+    HTTPS proxy to use for master and builds
+
 .PP
 \fB\-\-image\fP="openshift/origin"
     Specify the images to use for OpenShift
@@ -77,6 +85,10 @@ A public hostname can also be specified for the server with the \-\-public\-host
 \fB\-\-metrics\fP=false
     If true, install metrics (experimental)
 
+.PP
+\fB\-\-no\-proxy\fP=[]
+    List of hosts or subnets for which a proxy should not be used
+
 .PP
 \fB\-\-public\-hostname\fP=""
     Public hostname for OpenShift cluster

pkg/bootstrap/docker/dockerhelper/helper.go

@@ -13,6 +13,7 @@ import (
 
 	"github.com/blang/semver"
 	dockerclient "github.com/docker/engine-api/client"
+	dockertypes "github.com/docker/engine-api/types"
 	"github.com/docker/engine-api/types/registry"
 	docker "github.com/fsouza/go-dockerclient"
 	"github.com/golang/glog"
@@ -28,6 +29,7 @@ const openShiftInsecureCIDR = "172.30.0.0/16"
 type Helper struct {
 	client          *docker.Client
 	engineAPIClient *dockerclient.Client
+	info            *dockertypes.Info
 }
 
 // NewHelper creates a new Helper
@@ -55,21 +57,33 @@ func hasCIDR(cidr string, listOfCIDRs []*registry.NetIPNet) bool {
 	return false
 }
 
-// HasInsecureRegistryArg checks whether the docker daemon is configured with
-// the appropriate insecure registry argument
-func (h *Helper) HasInsecureRegistryArg() (bool, error) {
-	glog.V(5).Infof("Retrieving Docker daemon info")
-	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+func (h *Helper) dockerInfo() (*dockertypes.Info, error) {
+	if h.info != nil {
+		return h.info, nil
+	}
 	if h.engineAPIClient == nil {
-		return false, fmt.Errorf("the Docker engine API client is not initialized")
+		return nil, fmt.Errorf("the Docker engine API client is not initialized")
 	}
+	glog.V(5).Infof("Retrieving Docker daemon info")
+	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	info, err := h.engineAPIClient.Info(ctx)
 	defer cancel()
 	if err != nil {
 		glog.V(2).Infof("Could not retrieve Docker info: %v", err)
-		return false, err
+		return nil, err
 	}
 	glog.V(5).Infof("Docker daemon info: %#v", info)
+	h.info = &info
+	return h.info, nil
+}
+
+// HasInsecureRegistryArg checks whether the docker daemon is configured with
+// the appropriate insecure registry argument
+func (h *Helper) HasInsecureRegistryArg() (bool, error) {
+	info, err := h.dockerInfo()
+	if err != nil {
+		return false, err
+	}
 	registryConfig := info.RegistryConfig
 	if err != nil {
 		return false, err
@@ -109,6 +123,14 @@ func (h *Helper) Version() (*semver.Version, bool, error) {
 	return &dockerVersion, isRedHat, nil
 }
 
+func (h *Helper) GetDockerProxySettings() (httpProxy, httpsProxy, noProxy string, err error) {
+	info, err := h.dockerInfo()
+	if err != nil {
+		return "", "", "", err
+	}
+	return info.HTTPProxy, info.HTTPSProxy, info.NoProxy, nil
+}
+
 // CheckAndPull checks whether a Docker image exists. If not, it pulls it.
 func (h *Helper) CheckAndPull(image string, out io.Writer) error {
 	glog.V(5).Infof("Inspecting Docker image %q", image)

pkg/bootstrap/docker/openshift/admin.go

@@ -29,6 +29,7 @@ const (
 	SvcDockerRegistry = "docker-registry"
 	SvcRouter         = "router"
 	masterConfigDir   = "/var/lib/origin/openshift.local.config/master"
+	RegistryServiceIP = "172.30.1.1"
 )
 
 // InstallRegistry checks whether a registry is installed and installs one if not already installed
@@ -60,6 +61,7 @@ func (h *Helper) InstallRegistry(kubeClient kclientset.Interface, f *clientcmd.F
 			Volume:         "/registry",
 			ServiceAccount: "registry",
 			HostMount:      path.Join(pvDir, "registry"),
+			ClusterIP:      RegistryServiceIP,
 		},
 	}
 	cmd := registry.NewCmdRegistry(f, "", "registry", out, errout)

pkg/bootstrap/docker/openshift/helper.go

@@ -13,13 +13,15 @@ import (
 
 	docker "github.com/fsouza/go-dockerclient"
 	"github.com/golang/glog"
+	kapi "k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/util/homedir"
 
 	"github.com/openshift/origin/pkg/bootstrap/docker/dockerhelper"
 	"github.com/openshift/origin/pkg/bootstrap/docker/errors"
 	dockerexec "github.com/openshift/origin/pkg/bootstrap/docker/exec"
 	"github.com/openshift/origin/pkg/bootstrap/docker/host"
 	"github.com/openshift/origin/pkg/bootstrap/docker/run"
+	defaultsapi "github.com/openshift/origin/pkg/build/admission/defaults/api"
 	cliconfig "github.com/openshift/origin/pkg/cmd/cli/config"
 	configapi "github.com/openshift/origin/pkg/cmd/server/api"
 	_ "github.com/openshift/origin/pkg/cmd/server/api/install"
@@ -64,6 +66,7 @@ type Helper struct {
 	image         string
 	containerName string
 	routingSuffix string
+	serverIP      string
 }
 
 // StartOptions represent the parameters sent to the start command
@@ -84,6 +87,9 @@ type StartOptions struct {
 	MetricsHost              string
 	LoggingHost              string
 	PortForwarding           bool
+	HTTPProxy                string
+	HTTPSProxy               string
+	NoProxy                  []string
 }
 
 // NewHelper creates a new OpenShift helper
@@ -176,6 +182,9 @@ func (h *Helper) DetermineNodeHost(hostConfigDir string, names ...string) (strin
 
 // ServerIP retrieves the Server ip through the openshift start command
 func (h *Helper) ServerIP() (string, error) {
+	if len(h.serverIP) > 0 {
+		return h.serverIP, nil
+	}
 	result, _, _, err := h.runHelper.New().Image(h.image).
 		DiscardContainer().
 		Privileged().
@@ -184,7 +193,8 @@ func (h *Helper) ServerIP() (string, error) {
 	if err != nil {
 		return "", err
 	}
-	return strings.TrimSpace(result), nil
+	h.serverIP = strings.TrimSpace(result)
+	return h.serverIP, nil
 }
 
 // OtherIPs tries to find other IPs besides the argument IP for the Docker host
@@ -223,6 +233,15 @@ func (h *Helper) Start(opt *StartOptions, out io.Writer) (string, error) {
 
 	binds := openShiftContainerBinds
 	env := []string{}
+	if len(opt.HTTPProxy) > 0 {
+		env = append(env, fmt.Sprintf("HTTP_PROXY=%s", opt.HTTPProxy))
+	}
+	if len(opt.HTTPSProxy) > 0 {
+		env = append(env, fmt.Sprintf("HTTPS_PROXY=%s", opt.HTTPSProxy))
+	}
+	if len(opt.NoProxy) > 0 {
+		env = append(env, fmt.Sprintf("NO_PROXY=%s", strings.Join(opt.NoProxy, ",")))
+	}
 	if opt.UseSharedVolume {
 		binds = append(binds, fmt.Sprintf("%[1]s:%[1]s:shared", opt.HostVolumesDir))
 		env = append(env, "OPENSHIFT_CONTAINERIZED=false")
@@ -305,7 +324,7 @@ func (h *Helper) Start(opt *StartOptions, out io.Writer) (string, error) {
 		if err != nil {
 			return "", errors.NewError("could not copy OpenShift configuration").WithCause(err)
 		}
-		err = h.updateConfig(configDir, opt.RouterIP, opt.MetricsHost, opt.LoggingHost)
+		err = h.updateConfig(configDir, opt)
 		if err != nil {
 			cleanupConfig()
 			return "", errors.NewError("could not update OpenShift configuration").WithCause(err)
@@ -494,7 +513,7 @@ func GetConfigFromContainer(client *docker.Client) (*configapi.MasterConfig, err
 	return config, nil
 }
 
-func (h *Helper) updateConfig(configDir, routerIP, metricsHost, loggingHost string) error {
+func (h *Helper) updateConfig(configDir string, opt *StartOptions) error {
 	cfg, configPath, err := h.GetConfigFromLocalDir(configDir)
 	if err != nil {
 		return err
@@ -503,15 +522,52 @@ func (h *Helper) updateConfig(configDir, routerIP, metricsHost, loggingHost stri
 	if len(h.routingSuffix) > 0 {
 		cfg.RoutingConfig.Subdomain = h.routingSuffix
 	} else {
-		cfg.RoutingConfig.Subdomain = fmt.Sprintf("%s.xip.io", routerIP)
+		cfg.RoutingConfig.Subdomain = fmt.Sprintf("%s.xip.io", opt.RouterIP)
+	}
+
+	if len(opt.MetricsHost) > 0 && cfg.AssetConfig != nil {
+		cfg.AssetConfig.MetricsPublicURL = fmt.Sprintf("https://%s/hawkular/metrics", opt.MetricsHost)
 	}
 
-	if len(metricsHost) > 0 && cfg.AssetConfig != nil {
-		cfg.AssetConfig.MetricsPublicURL = fmt.Sprintf("https://%s/hawkular/metrics", metricsHost)
+	if len(opt.LoggingHost) > 0 && cfg.AssetConfig != nil {
+		cfg.AssetConfig.LoggingPublicURL = fmt.Sprintf("https://%s", opt.LoggingHost)
 	}
 
-	if len(loggingHost) > 0 && cfg.AssetConfig != nil {
-		cfg.AssetConfig.LoggingPublicURL = fmt.Sprintf("https://%s", loggingHost)
+	if len(opt.HTTPProxy) > 0 || len(opt.HTTPSProxy) > 0 || len(opt.NoProxy) > 0 {
+		if cfg.AdmissionConfig.PluginConfig == nil {
+			cfg.AdmissionConfig.PluginConfig = map[string]configapi.AdmissionPluginConfig{}
+		}
+
+		var buildDefaults *defaultsapi.BuildDefaultsConfig
+		buildDefaultsConfig, ok := cfg.AdmissionConfig.PluginConfig[defaultsapi.BuildDefaultsPlugin]
+		if !ok {
+			buildDefaultsConfig = configapi.AdmissionPluginConfig{}
+		}
+		if buildDefaultsConfig.Configuration != nil {
+			buildDefaults = buildDefaultsConfig.Configuration.(*defaultsapi.BuildDefaultsConfig)
+		}
+		if buildDefaults == nil {
+			buildDefaults = &defaultsapi.BuildDefaultsConfig{}
+			buildDefaultsConfig.Configuration = buildDefaults
+		}
+		buildDefaults.GitHTTPProxy = opt.HTTPProxy
+		buildDefaults.GitHTTPSProxy = opt.HTTPSProxy
+		buildDefaults.GitNoProxy = strings.Join(opt.NoProxy, ",")
+		varsToSet := map[string]string{
+			"HTTP_PROXY":  opt.HTTPProxy,
+			"http_proxy":  opt.HTTPProxy,
+			"HTTPS_PROXY": opt.HTTPSProxy,
+			"https_proxy": opt.HTTPSProxy,
+			"NO_PROXY":    strings.Join(opt.NoProxy, ","),
+			"no_proxy":    strings.Join(opt.NoProxy, ","),
+		}
+		for k, v := range varsToSet {
+			buildDefaults.Env = append(buildDefaults.Env, kapi.EnvVar{
+				Name:  k,
+				Value: v,
+			})
+		}
+		cfg.AdmissionConfig.PluginConfig[defaultsapi.BuildDefaultsPlugin] = buildDefaultsConfig
 	}
 
 	cfg.JenkinsPipelineConfig.TemplateName = "jenkins-persistent"