Skip to main content

Working with Proxies

In an environment that requires proxies to reach the Internet, many Chef commands won’t work until they’re configured correctly. To configure Chef to work in an environment that requires proxies, set the http_proxy, https_proxy, ftp_proxy, and/or no_proxy environment variables to specify the proxy settings using a lowercase value.

Windows

To determine the current proxy server on the Windows platform:

  1. Open Internet Properties.
  2. Open Connections.
  3. Open LAN settings.
  4. View the Proxy server setting. If this setting is blank, then a proxy server may not be available.

To configure proxy settings in Windows:

  1. Open System Properties.
  2. Open Environment Variables.
  3. Open System variables.
  4. Set http_proxy and https_proxy to the location of your proxy server. This value MUST be lowercase.

Linux

To determine the current proxy server on the macOS and Linux platforms, check the environment variables. Run the following:

env | grep -i http_proxy

If an environment variable is set, it MUST be lowercase. If it’s not, add a lowercase version of that proxy variable to the shell (for example ~/.bashrc) using one (or more) the following commands.

For HTTP:

export http_proxy=http://myproxy.com:3168

For HTTPS:

export https_proxy=http://myproxy.com:3168

For FTP:

export ftp_proxy=ftp://myproxy.com:3168

Proxy Settings

Proxy settings are defined in configuration files for Chef Infra Client and for knife and may be specified for HTTP, HTTPS, and FTP.

HTTP

Use the following settings in the client.rb or config.rb files for environments that use an HTTP proxy:

SettingDescription
http_proxyThe proxy server for HTTP connections. Default value: nil.
http_proxy_passThe password for the proxy server when the proxy server is using an HTTP connection. Default value: nil.
http_proxy_userThe user name for the proxy server when the proxy server is using an HTTP connection. Default value: nil.

HTTPS

Use the following settings in the client.rb or config.rb files for environments that use an HTTPS proxy:

SettingDescription
https_proxyThe proxy server for HTTPS connections. Default value: nil.
https_proxy_passThe password for the proxy server when the proxy server is using an HTTPS connection. Default value: nil.
https_proxy_userThe user name for the proxy server when the proxy server is using an HTTPS connection. Default value: nil.

FTP

Use the following settings in the client.rb or config.rb files for environments that use an FTP proxy:

SettingDescription
ftp_proxyThe proxy server for FTP connections.
ftp_proxy_passThe password for the proxy server when the proxy server is using an FTP connection. Default value: nil.
ftp_proxy_userThe user name for the proxy server when the proxy server is using an FTP connection. Default value: nil.

No Proxy

The no_proxy setting is used to specify addresses for which the proxy shouldn’t be used. This can be a single address or a comma-separated list of addresses.

Example:

no_proxy 'test.example.com,test.example2.com,test.example3.com'

Note

Wildcard matching may be used in the no_proxy list—such as no_proxy '*.*.example.*'—however, many situations require hostnames to be specified explicitly (that’s, “without wildcards”).

Environment Variables

Consider the following for situations where environment variables are used to set the proxy:

  • Proxy settings may not be honored by all applications. For example, proxy settings may be ignored by the underlying application when specifying a ftp source with a remote_file resource. Consider a workaround. For example, in this situation try doing a wget with an ftp URL instead.
  • Proxy settings may be honored inconsistently by applications. For example, the behavior of the no_proxy setting may not work with certain applications when wildcards are specified. Consider specifying the hostnames without using wildcards.

ENV

If http_proxy, https_proxy, ftp_proxy, or no_proxy is set in the client.rb file but not set in the ENV, Chef Infra Client will configure the ENV variable based on these (and related) settings. For example:

http_proxy 'http://proxy.example.org:8080'
http_proxy_user 'myself'
http_proxy_pass 'Password1'

Or an alternative way to define the proxy (if the previous version does not work):

http_proxy 'http://myself:Password1@proxy.example.org:8080'

will be set to:

ENV['http_proxy'] = 'http://myself:Password1@proxy.example.org:8080'
Edit this page on GitHub

Thank you for your feedback!

×