Canonical Juju

Bug #1773463
Comment #1

Comment 1 for bug 1773463

Revision history for this message

John A Meinel (jameinel) wrote on 2018-05-28: Re: [Bug 1773463] [NEW] [2.4-beta3] wildcard syntax is not supported by no-proxy/juju-no-proxy

* is not supported (as it wasn't supported by the underlying Go proxy code).
However
"bar.com" matches foo.bar.com, as does ".bar.com"
So while we don't allow "*.bar.com" it can be expressed as just "bar.com"
and ".bar.com".

On Sat, May 26, 2018 at 2:43 AM, Dmitrii Shcherbakov <
<email address hidden>> wrote:

> Public bug reported:
>
> Looks like *.domain.com[:port] syntax is no supported by no-proxy (CIDR
> syntax is supported judging by other tests I performed):
>
> cat model-config.yaml
> logging-config: '<root>=ERROR;unit=TRACE;juju.worker.proxyupdater=TRACE'
> #no-proxy: 'localhost,127.0.0.1,10.10.101.0/24,10.10.10.0/24'
> #http-proxy: 'http://10.10.10.88:3128'
> #https-proxy: 'http://10.10.10.88:3128'
> no-proxy: ''
> http-proxy: ''
> https-proxy: ''
> juju-no-proxy: 'localhost,127.0.0.1,10.10.101.0/24,10.10.10.0/24,*.
> canonical.com,*.ubuntu.com'
> juju-http-proxy: 'http://10.10.10.88:3128'
> juju-https-proxy: 'http://10.10.10.88:3128'
> apt-http-proxy: 'http://10.10.10.88:3128'
> apt-https-proxy: 'http://10.10.10.88:3128'
>
> juju model-config -m controller model-config.yaml
>
> dd6ca7e2-1304-456b-8d0a-d2eaa3993f53: machine-0 2018-05-25 22:17:54 DEBUG
> juju.worker.proxyupdater proxyupdater.go:165 new legacy proxy settings
> proxy.Settings{Http:"", Https:"", Ftp:"", NoProxy:"10.10.101.3",
> AutoNoProxy:""}
> dd6ca7e2-1304-456b-8d0a-d2eaa3993f53: machine-0 2018-05-25 22:17:54 DEBUG
> juju.worker.proxyupdater proxyupdater.go:186 new apt proxy settings
> proxy.Settings{Http:"http://10.10.10.88:3128", Https:"
> http://10.10.10.88:3128", Ftp:"", NoProxy:"*.canonical.com,*.ubuntu.com,
> 10.10.10.0/24,10.10.101.0/24,127.0.0.1,localhost", AutoNoProxy:""}
> 32041e72-121e-4e4c-89f7-7a35918f4a4c: unit-ubuntu-0 2018-05-25 22:18:13
> INFO unit.ubuntu/0.juju-log server.go:284 Reactive main running for hook
> update-status
>
> ubuntu@proxytest:~$ juju model-config -m controller | grep proxy
> apt-ftp-proxy default ""
> apt-http-proxy model http://10.10.10.88:3128
> apt-https-proxy model http://10.10.10.88:3128
> apt-no-proxy default ""
> ftp-proxy default ""
> http-proxy default ""
> https-proxy default ""
> juju-ftp-proxy default ""
> juju-http-proxy model http://10.10.10.88:3128
> juju-https-proxy model http://10.10.10.88:3128
> juju-no-proxy model localhost,127.0.0.1,10.10.101.
> 0/24,10.10.10.0/24,*.canonical.com,*.ubuntu.com
> logging-config model <root>=ERROR;unit=TRACE;juju.
> worker.proxyupdater=TRACE
> no-proxy model ""
> proxy-ssh default false
>
> With this model-config I still get requests sent out to a proxy.
>
> 1527286866.141 285 10.10.101.3 TCP_TUNNEL/200 3529 CONNECT
> streams.canonical.com:443 - HIER_DIRECT/91.189.88.141 -
> 1527286866.431 289 10.10.101.3 TCP_TUNNEL/200 6692 CONNECT
> streams.canonical.com:443 - HIER_DIRECT/91.189.88.141 -
> 1527286866.929 150 10.10.101.3 TCP_MISS/404 507 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/index2.sjson -
> HIER_DIRECT/91.189.92.141 text/html
> 1527286866.994 64 10.10.101.3 TCP_MISS/200 2894 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/index.sjson -
> HIER_DIRECT/91.189.92.141 -
> 1527286867.061 65 10.10.101.3 TCP_MISS/404 507 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/mirrors.sjson -
> HIER_DIRECT/91.189.92.141 text/html
> 1527286867.200 137 10.10.101.3 TCP_MISS/200 21719 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/com.
> ubuntu.cloud:released:gce.sjson - HIER_DIRECT/91.189.92.141 -
> 1527286869.411 5170 10.10.101.3 TCP_TUNNEL/200 52275 CONNECT
> api.jujucharms.com:443 - HIER_DIRECT/162.213.33.121 -
>
> Example implementation of wildcard support:
> https://go-review.googlesource.com/c/go/+/75730/
> 3/src/net/http/no_proxy.go#162
> https://go-review.googlesource.com/c/go/+/75730/
> 3/src/net/http/no_proxy.go#60
>
> ** Affects: juju
> Importance: Undecided
> Status: New
>
>
> ** Tags: cpe-onsite
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https://bugs.launchpad.net/bugs/1773463
>
> Title:
> [2.4-beta3] wildcard syntax is not supported by no-proxy/juju-no-proxy
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/juju/+bug/1773463/+subscriptions
>

On Sat, May 26, 2018 at 2:43 AM, Dmitrii Shcherbakov <
1773463@bugs.launchpad.net> wrote:

> Public bug reported:
>
> Looks like *.domain.com[:port] syntax is no supported by no-proxy (CIDR
> syntax is supported judging by other tests I performed):
>
> cat model-config.yaml
> logging-config: '<root>=ERROR;unit=TRACE;juju.worker.proxyupdater=TRACE'
> #no-proxy: 'localhost,127.0.0.1,10.10.101.0/24,10.10.10.0/24'
> #http-proxy: 'http://10.10.10.88:3128'
> #https-proxy: 'http://10.10.10.88:3128'
> no-proxy: ''
> http-proxy: ''
> https-proxy: ''
> juju-no-proxy: 'localhost,127.0.0.1,10.10.101.0/24,10.10.10.0/24,*.
> canonical.com,*.ubuntu.com'
> juju-http-proxy: 'http://10.10.10.88:3128'
> juju-https-proxy: 'http://10.10.10.88:3128'
> apt-http-proxy: 'http://10.10.10.88:3128'
> apt-https-proxy: 'http://10.10.10.88:3128'
>
> juju model-config -m controller model-config.yaml
>
> dd6ca7e2-1304-456b-8d0a-d2eaa3993f53: machine-0 2018-05-25 22:17:54 DEBUG
> juju.worker.proxyupdater proxyupdater.go:165 new legacy proxy settings
> proxy.Settings{Http:"", Https:"", Ftp:"", NoProxy:"10.10.101.3",
> AutoNoProxy:""}
> dd6ca7e2-1304-456b-8d0a-d2eaa3993f53: machine-0 2018-05-25 22:17:54 DEBUG
> juju.worker.proxyupdater proxyupdater.go:186 new apt proxy settings
> proxy.Settings{Http:"http://10.10.10.88:3128", Https:"
> http://10.10.10.88:3128", Ftp:"", NoProxy:"*.canonical.com,*.ubuntu.com,
> 10.10.10.0/24,10.10.101.0/24,127.0.0.1,localhost", AutoNoProxy:""}
> 32041e72-121e-4e4c-89f7-7a35918f4a4c: unit-ubuntu-0 2018-05-25 22:18:13
> INFO unit.ubuntu/0.juju-log server.go:284 Reactive main running for hook
> update-status
>
> ubuntu@proxytest:~$ juju model-config -m controller | grep proxy
> apt-ftp-proxy                 default  ""
> apt-http-proxy                model    http://10.10.10.88:3128
> apt-https-proxy               model    http://10.10.10.88:3128
> apt-no-proxy                  default  ""
> ftp-proxy                     default  ""
> http-proxy                    default  ""
> https-proxy                   default  ""
> juju-ftp-proxy                default  ""
> juju-http-proxy               model    http://10.10.10.88:3128
> juju-https-proxy              model    http://10.10.10.88:3128
> juju-no-proxy                 model    localhost,127.0.0.1,10.10.101.
> 0/24,10.10.10.0/24,*.canonical.com,*.ubuntu.com
> logging-config                model    <root>=ERROR;unit=TRACE;juju.
> worker.proxyupdater=TRACE
> no-proxy                      model    ""
> proxy-ssh                     default  false
>
> With this model-config I still get requests sent out to a proxy.
>
> 1527286866.141    285 10.10.101.3 TCP_TUNNEL/200 3529 CONNECT
> streams.canonical.com:443 - HIER_DIRECT/91.189.88.141 -
> 1527286866.431    289 10.10.101.3 TCP_TUNNEL/200 6692 CONNECT
> streams.canonical.com:443 - HIER_DIRECT/91.189.88.141 -
> 1527286866.929    150 10.10.101.3 TCP_MISS/404 507 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/index2.sjson -
> HIER_DIRECT/91.189.92.141 text/html
> 1527286866.994     64 10.10.101.3 TCP_MISS/200 2894 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/index.sjson -
> HIER_DIRECT/91.189.92.141 -
> 1527286867.061     65 10.10.101.3 TCP_MISS/404 507 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/mirrors.sjson -
> HIER_DIRECT/91.189.92.141 text/html
> 1527286867.200    137 10.10.101.3 TCP_MISS/200 21719 GET
> http://cloud-images.ubuntu.com/releases/streams/v1/com.
> ubuntu.cloud:released:gce.sjson - HIER_DIRECT/91.189.92.141 -
> 1527286869.411   5170 10.10.101.3 TCP_TUNNEL/200 52275 CONNECT
> api.jujucharms.com:443 - HIER_DIRECT/162.213.33.121 -
>
> Example implementation of wildcard support:
> https://go-review.googlesource.com/c/go/+/75730/
> 3/src/net/http/no_proxy.go#162
> https://go-review.googlesource.com/c/go/+/75730/
> 3/src/net/http/no_proxy.go#60
>
> ** Affects: juju
>      Importance: Undecided
>          Status: New
>
>
> ** Tags: cpe-onsite
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https://bugs.launchpad.net/bugs/1773463
>
> Title:
>   [2.4-beta3] wildcard syntax is not supported by no-proxy/juju-no-proxy
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/juju/+bug/1773463/+subscriptions
>