From a8928a3caa432c9523070f790eb15b733ab44753 Mon Sep 17 00:00:00 2001 From: esendjer Date: Fri, 11 Feb 2022 02:58:53 +0500 Subject: ignition: propagate proxy settings from a host into a vm Set proxy settings (such as `HTTP_PROXY`, and others) for the whole guest OS with setting up `DefaultEnvironment` with a `systemd` configuration file `default-env.conf`, a `profile.d` scenario file - `default-env.sh` and a `environment.d` configuration file `default-env.conf` The **actual** environment variables are read by podman at a start, then they are encrypted with base64 into a single string and after are provided into a VM through QEMU Firmware Configuration (fw_cfg) Device Inside a VM a systemd service `envset-fwcfg.service` reads the providead encrypted string from fw_cfg, decrypts and then adds to the files - `/etc/systemd/system.conf.d/default-env.conf` - `/etc/profile.d/default-env.sh` - `/etc/environment.d/default-env.conf` At the end this service execute `systemctl daemon-reload` to propagate new variables for systemd manager [NO NEW TESTS NEEDED] Closes #13168 Signed-off-by: esendjer --- pkg/machine/qemu/machine.go | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'pkg/machine/qemu/machine.go') diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index eb7b35ece..240442e49 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -1,9 +1,11 @@ +//go:build (amd64 && !windows) || (arm64 && !windows) // +build amd64,!windows arm64,!windows package qemu import ( "bufio" + "encoding/base64" "encoding/json" "fmt" "io/ioutil" @@ -123,6 +125,20 @@ func (p *Provider) LoadVMByName(name string) (machine.VM, error) { return nil, err } err = json.Unmarshal(b, vm) + + // It is here for providing the ability to propagate + // proxy settings (e.g. HTTP_PROXY and others) on a start + // and avoid a need of re-creating/re-initiating a VM + if proxyOpts := machine.GetProxyVariables(); len(proxyOpts) > 0 { + proxyStr := "name=opt/com.coreos/environment,string=" + var proxies string + for k, v := range proxyOpts { + proxies = fmt.Sprintf("%s%s=\"%s\"|", proxies, k, v) + } + proxyStr = fmt.Sprintf("%s%s", proxyStr, base64.StdEncoding.EncodeToString([]byte(proxies))) + vm.CmdLine = append(vm.CmdLine, "-fw_cfg", proxyStr) + } + logrus.Debug(vm.CmdLine) return vm, err } -- cgit v1.2.3-54-g00ecf