Skip to main content
Skip table of contents

Configure Open Collector Via Proxy

This section outlines the steps to configure Open Collector from behind a proxy server.

Prerequisites

Ensure the following prerequisites have been met before configuring Docker:

  • http_proxy environment variable exported and sourced
  • https_proxy environment variable exported and sourced

Supported Beats

The following beats are currently supported for setup behind a proxy server:

Configure Proxy for GitHub Access

To create an environmental proxy configuration, allowing GitHub to be accessed from behind the proxy:

  1. Open the /etc/environment file:

    CODE 
    vi /etc/environment

  2. Add the following to the environment file:

    CODE 
    http_proxy=http://proxy_info:proxyPort
https_proxy=http://proxy_info:proxyPort
no_proxy="localhost,127.0.0.1"

  3. Log off and then log in again.
    You can now use "wget" commands to interact with GitHub.

Configure Docker

After you have run ./lrctl init to install Docker, complete the following steps to configure Docker to use the proxy:

  1. Create a systemd drop-in directory for the Docker service:

    CODE 
    $ sudo mkdir -p /etc/systemd/system/docker.service.d
  2. Do one of the following:

    • Create a file called /etc/systemd/system/docker.service.d/http-proxy.conf that adds the HTTP_PROXY environment variable:

      CODE 
      [Service]
Environment="HTTP_PROXY=http://proxy.example.com:PORT"

    • If you are behind an HTTPS proxy server, create a file called /etc/systemd/system/docker.service.d/https-proxy.conf that adds the HTTPS_PROXY environment variable:

      CODE 
      [Service]
Environment="HTTPS_PROXY=https://proxy.example.com:PORT"

  3. Flush changes:

    CODE 
    $ sudo systemctl daemon-reload

  4. Restart Docker:

    CODE 
    $ sudo systemctl restart docker

  5. Verify that Docker is able to pull images from a repository by running the following code:

    CODE 
    $ docker run hello-world

  6. Update the ~/.docker/config.json file by adding the following:

    CODE 
    {
 "proxies":
 {
   "default":
   {
     "httpProxy": "http://proxy_info:proxyPort",
     "httpsProxy": "http://proxy_info:proxyPort",
     "noProxy": "*.test.example.com,.example2.com"
   }
 }
}

    Reference the Docker documentation at https://docs.docker.com/network/proxy/

Troubleshooting

 In the event that the Open Collector does not work behind Squid Proxy server with the following error:

"proxyconnect tcp: tls: first record does not look like a TLS handshake"

This issue is being experienced with the latest version of the Docker. Previously, plain HTTP was sent even when using HTTPS, and now per the latest Go version (with the latest Docker built on top of it), it will attempt to honor the https:// with proper TLS. 

To solve this problem, check if your proxy actually supports HTTPS on that port, using openssl s_client -connect or something similar. Otherwise, you should send traffic using plain HTTP to the proxy.

Make sure the https_proxy environment variable is pointing to the HTTP version of the proxy server URL in the above-mentioned proxy configuration steps:

CODE 
"httpsProxy": "http://proxy_info:proxyPort"
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close