Add default domainname for no_proxy

All internal service and known internal hostname shuold add to no_proxy by default

Signed-off-by: DQ <dengq@vmware.com>
This commit is contained in:
DQ 2019-11-25 17:28:11 +08:00
parent 7914c58e50
commit ed6438cf69
5 changed files with 33 additions and 6 deletions

View File

@ -157,7 +157,7 @@ _version: 1.10.0
proxy:
http_proxy:
https_proxy:
no_proxy: 127.0.0.1,localhost,.local,.internal,log,db,redis,nginx,core,portal,postgresql,jobservice,registry,registryctl,clair,chartmuseum,notary-server,clair-adapter
no_proxy:
components:
- core
- jobservice

View File

@ -32,4 +32,26 @@ input_config_path = '/input/harbor.yml'
versions_file_path = Path('/usr/src/app/versions')
cert_dir = os.path.join(config_dir, "nginx", "cert")
core_cert_dir = os.path.join(config_dir, "core", "certificates")
core_cert_dir = os.path.join(config_dir, "core", "certificates")
INTERNAL_NO_PROXY_DN = {
'127.0.0.1',
'localhost',
'.local',
'.internal',
'log',
'db',
'redis',
'nginx',
'core',
'portal',
'postgresql',
'jobservice',
'registry',
'registryctl',
'clair',
'chartmuseum',
'notary-server',
'notary-signer',
'clair-adapter'
}

View File

@ -1,7 +1,7 @@
import os
import yaml
import logging
from g import versions_file_path, host_root_dir, DEFAULT_UID
from g import versions_file_path, host_root_dir, DEFAULT_UID, INTERNAL_NO_PROXY_DN
from utils.misc import generate_random_string, owner_can_read, other_can_read
default_db_max_idle_conns = 2 # NOTE: https://golang.org/pkg/database/sql/#DB.SetMaxIdleConns
@ -215,10 +215,15 @@ def parse_yaml_config(config_file_path, with_notary, with_clair, with_chartmuseu
# Global proxy configs
proxy_config = configs.get('proxy') or {}
proxy_components = proxy_config.get('components') or []
no_proxy_config = proxy_config.get('no_proxy')
all_no_proxy = INTERNAL_NO_PROXY_DN
if no_proxy_config:
all_no_proxy |= set(no_proxy_config.split(','))
for proxy_component in proxy_components:
config_dict[proxy_component + '_http_proxy'] = proxy_config.get('http_proxy') or ''
config_dict[proxy_component + '_https_proxy'] = proxy_config.get('https_proxy') or ''
config_dict[proxy_component + '_no_proxy'] = proxy_config.get('no_proxy') or '127.0.0.1,localhost,core,registry'
config_dict[proxy_component + '_no_proxy'] = ','.join(all_no_proxy)
# Clair configs, optional
clair_configs = configs.get("clair") or {}

View File

@ -334,7 +334,7 @@ proxy:
proxy:
http_proxy:
https_proxy:
no_proxy: 127.0.0.1,localhost,.local,.internal,log,db,redis,nginx,core,portal,postgresql,jobservice,registry,registryctl,clair
no_proxy:
components:
- core
- jobservice

View File

@ -262,7 +262,7 @@ proxy:
proxy:
http_proxy:
https_proxy:
no_proxy: 127.0.0.1,localhost,.local,.internal,log,db,redis,nginx,core,portal,postgresql,jobservice,registry,registryctl,clair
no_proxy:
components:
- core
- jobservice