Configure PEG to work with a proxy

Configure PEG to use a proxy for outbound traffic if required.

Prerequisites

Deploy PEG VM

Note: When you deploy the PEG VM, ensure that it has a static IP or at least a static domain name. To configure the VM static IP address, use the mechanism provided by your VPC provider.

Procedure

  1. Log in to the PEG VM through ssh.
  2. Copy your proxy certificate, if one is required, to the following locations:
    Note: The proxy file name must have a .crt extension and must be in the Base64 PEM format (called openssl format in some systems).
    • sudo cp <your proxy certificate.crt> /usr/local/share/ca-certificates/
    • sudo cp <your proxy certificate.crt> /peg_v/certs/
  3. For the OS to load the certificate, run the following command: sudo update-ca-certificates
  4. Add the following to the /etc/environment file (including the username and password if required) using the http_proxy and https_proxy values for your environment.
    Note: Although this is not a requirement, the https_proxy value is often the same as the http_proxy, with the protocol being HTTP for both.
    Enter the URL in the following format: <your http/https proxy url>

    Enter the username and password if required: http://username:password@host:port/

    ---
    http_proxy=<your http proxy url> https_proxy=<your https proxy url> 
    no_proxy="localhost,::1,127.0.0.0/8,0.0.0.0,10.0.0.0/8,192.168.0.0/16,172.16.0.0/12"
  5. Log out of your ssh session and then log back in.
    This allows the proxy settings to be picked up by the operating system.
  6. Edit the following values as follows in ~/peg/text_pipeline/values-gpu.yaml. (These values are at the bottom of the file).
    Enter the URL in the following format: <your https proxy url>. Enter the username and password if required. http://username:password@host:port/

    If you do not use a certificate for the proxy, fluentd_cert_path should be left as follows: ""

    ---
    has_fluentd_proxy: "true"
    fluentd_cert_path: "/peg_v/certs/<your proxy.crt>" 
    https_proxy: "<your https proxy url>"
    ---
  7. If you performed the steps in before performing the proxy steps outlined in the previous steps, perform the following steps:
    1. Run cd peg && ./peg_start.sh .
    2. Select Cluster Management and press Enter, and then select Load Certificates and press Enter again.
      Load the certificates into PEG and select cluster management

      Select load certificates