It's complicated because there's several components that need to use proxy config:
- juju cli client
- juju agents (incl controller, machine agent, unit agent)
- pebble
- charms (to configure workloads / tooling eg curl)
As mentioned elsewhere, the "juju-" variants were introduced to deal with the no-proxy cidr limitations that existed at the time for things like curl. And the approach was done before pebble entered the mix.
If you had asked me, I would have said that the juju components (cli and agents) would have used the "juju-" proxy values, if set. So there should be no need to also have to set the "http-" variants in order to bootstrap. That's why the "cannot set both" rule is in place as far as I recall.
So in your scenario, setting the "juju-" values and seeing
ERROR cannot deploy controller application: deploying charmhub controller charm: resolving "ch:juju-controller": resolving with preferred channel: Post "https://api.charmhub.io/v2/charms/refresh": dial tcp 185.125.188.55:443: connect: network is unreachable
seems to be a bug. Juju should be configuring the http client used to access charmhub based off those "juju-" values. If that gets fixed, you don't need to set the "http-" values, just the "juju-" ones.
See also https:/ /bugs.launchpad .net/juju/ +bug/2038416
Quick reply without digging in deeply....
It's complicated because there's several components that need to use proxy config:
- juju cli client
- juju agents (incl controller, machine agent, unit agent)
- pebble
- charms (to configure workloads / tooling eg curl)
As mentioned elsewhere, the "juju-" variants were introduced to deal with the no-proxy cidr limitations that existed at the time for things like curl. And the approach was done before pebble entered the mix.
If you had asked me, I would have said that the juju components (cli and agents) would have used the "juju-" proxy values, if set. So there should be no need to also have to set the "http-" variants in order to bootstrap. That's why the "cannot set both" rule is in place as far as I recall.
So in your scenario, setting the "juju-" values and seeing
ERROR cannot deploy controller application: deploying charmhub controller charm: resolving "ch:juju- controller" : resolving with preferred channel: Post "https:/ /api.charmhub. io/v2/charms/ refresh": dial tcp 185.125.188.55:443: connect: network is unreachable
seems to be a bug. Juju should be configuring the http client used to access charmhub based off those "juju-" values. If that gets fixed, you don't need to set the "http-" values, just the "juju-" ones.