Working with Proxies
In an environment that requires proxies to reach the Internet, many Chef commands will not work until they are configured correctly. To configure Chef to work in an environment that requires proxies, set the http_proxy
, https_proxy
, ftp_proxy
, and/or no_proxy
environment variables to specify the proxy settings using a lowercase value.
Microsoft Windows
To determine the current proxy server on the Microsoft Windows platform:
- Open Internet Properties.
- Open Connections.
- Open LAN settings.
- View the Proxy server setting. If this setting is blank, then a proxy server may not be available.
To configure proxy settings in Microsoft Windows:
- Open System Properties.
- Open Environment Variables.
- Open System variables.
- Set
http_proxy
andhttps_proxy
to the location of your proxy server. This value MUST be lowercase.
Linux
To determine the current proxy server on the macOS and Linux platforms, check the environment variables. Run the following:
env | grep -i http_proxy
If an environment variable is set, it MUST be lowercase. If it is not, add a lowercase version of that proxy variable to the shell (e.g. ~/.bashrc
) using one (or more) the following commands.
For HTTP:
export http_proxy=http://myproxy.com:3168
For HTTPS:
export https_proxy=http://myproxy.com:3168
For FTP:
export ftp_proxy=ftp://myproxy.com:3168
Proxy Settings
Proxy settings are defined in configuration files for Chef Infra Client and for knife and may be specified for HTTP, HTTPS, and FTP.
HTTP
Use the following settings in the client.rb or config.rb files for environments that use an HTTP proxy:
Setting | Description |
---|---|
http_proxy |
The proxy server for HTTP connections. Default value: nil . |
http_proxy_pass |
The password for the proxy server when the proxy server is using an HTTP connection. Default value: nil . |
http_proxy_user |
The user name for the proxy server when the proxy server is using an HTTP connection. Default value: nil . |
HTTPS
Use the following settings in the client.rb or config.rb files for environments that use an HTTPS proxy:
Setting | Description |
---|---|
https_proxy |
The proxy server for HTTPS connections. Default value: nil . |
https_proxy_pass |
The password for the proxy server when the proxy server is using an HTTPS connection. Default value: nil . |
https_proxy_user |
The user name for the proxy server when the proxy server is using an HTTPS connection. Default value: nil . |
FTP
Use the following settings in the client.rb or config.rb files for environments that use an FTP proxy:
Setting | Description |
---|---|
ftp_proxy |
The proxy server for FTP connections. |
ftp_proxy_pass |
The password for the proxy server when the proxy server is using an FTP connection. Default value: nil . |
ftp_proxy_user |
The user name for the proxy server when the proxy server is using an FTP connection. Default value: nil . |
No Proxy
The no_proxy
setting is used to specify addresses for which the proxy should not be used. This can be a single address or a comma-separated list of addresses.
Example:
no_proxy 'test.example.com,test.example2.com,test.example3.com'
Note
no_proxy
list—such as no_proxy '*.*.example.*'
—however, many situations require hostnames to be specified explicitly (i.e. “without wildcards”).Environment Variables
Consider the following for situations where environment variables are used to set the proxy:
- Proxy settings may not be honored by all applications. For example, proxy settings may be ignored by the underlying application when specifying a
ftp
source with aremote_file
resource. Consider a workaround. For example, in this situation try doing awget
with anftp
URL instead. - Proxy settings may be honored inconsistently by applications. For example, the behavior of the
no_proxy
setting may not work with certain applications when wildcards are specified. Consider specifying the hostnames without using wildcards.
ENV
If http_proxy
, https_proxy
, ftp_proxy
, or no_proxy
is set in the client.rb file but not set in the ENV
, Chef Infra Client will configure the ENV
variable based on these (and related) settings. For example:
http_proxy 'http://proxy.example.org:8080'
http_proxy_user 'myself'
http_proxy_pass 'Password1'
Or an alternative way to define the proxy (if the previous version does not work):
http_proxy 'http://myself:[email protected]:8080'
will be set to:
ENV['http_proxy'] = 'http://myself:[email protected]:8080'
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
https://docs.chef.io/proxies/