You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We install Alma9 as indicated above. Our machines are behind a firewall which typically allows no external network access to the machine being installed. We have local squid proxies which do have external network access which the machines being installed are configured to use.
The machine being installed pauses early on in the install. Checking the Squid logs shows no accesses from the machine being installed. Checking the firewall logs shows dropped packets from the machine being installed as it tries to access the installer image etc. from the remote site.
After granting external network access to the machine being installed and monitoring its external network accesses, e.g. with tcpdump, the following was ascertained;
These first two accesses it does directly, ignoring the --proxy=,
http port 80 on IP 46.37.189.155 "GET /sites/almalinux.org/9/BaseOS/x86_64/kickstart/.treeinfo HTTP/1.1\r\n"
http port 80 on IP 46.37.189.155 "GET /sites/almalinux.org/9/BaseOS/x86_64/kickstart/images/install.img HTTP/1.1\r\n"
Thereafter it uses the proxy to access the repos and download the packages, e.g.,
http port 3128 on IP 134.219.X.Y "GET http://mirrors.ukfast.co.uk/sites/almalinux.org/9/BaseOS/x86_64/kickstart/.treeinfo HTTP/1.1\r\n"
http port 3128 on IP 134.219.X.Y "GET http://mirrors.ukfast.co.uk/sites/almalinux.org/9/AppStream/x86_64/kickstart/repodata/repomd.xml HTTP/1.1\r\n"
http port 3128 on IP 134.219.X.Y "GET http://mirrors.ukfast.co.uk/sites/almalinux.org/9/AppStream/x86_64/kickstart/repodata/0931fbd71aeb2be85de4b3c0f10a2050f71c7ce81f3e7b0653a05ce53b56d9c0-primary.xml.gz HTTP/1.1\r\n"
http port 3128 on IP 134.219.X.Y "GET http://mirrors.ukfast.co.uk/sites/almalinux.org/9/AppStream/x86_64/kickstart/repodata/23566c253ce147ad344f255ee07a3e0e60447be225c474fa3fe5af5b1320c4a7-filelists.xml.gz HTTP/1.1\r\n"
http port 3128 on IP 134.219.X.Y "GET http://mirrors.ukfast.co.uk/sites/almalinux.org/9/AppStream/x86_64/kickstart/repodata/d08d30ce06eb2a3ae1970d4573a5390a23a971204ee1dbf16bd2ccf947084a07-comps-AppStream.x86_64.xml HTTP/1.1\r\n"
etc. etc.
We observe the same problem on fellow downstream distro Rocky9 but not on upstream distro Centos Stream 9 which does honour the proxy fully.
Please help/advise?
Thanks
Tom Crane
The text was updated successfully, but these errors were encountered:
We install Alma9 as indicated above. Our machines are behind a firewall which typically allows no external network access to the machine being installed. We have local squid proxies which do have external network access which the machines being installed are configured to use.
The Kickstart file specifies, e.g.,
url --url=http://mirrors.ukfast.co.uk/sites/almalinux.org/9/BaseOS/x86_64/kickstart --proxy=http://squid.<localdomain>:3128The machine being installed pauses early on in the install. Checking the Squid logs shows no accesses from the machine being installed. Checking the firewall logs shows dropped packets from the machine being installed as it tries to access the installer image etc. from the remote site.
After granting external network access to the machine being installed and monitoring its external network accesses, e.g. with tcpdump, the following was ascertained;
These first two accesses it does directly, ignoring the --proxy=,
Thereafter it uses the proxy to access the repos and download the packages, e.g.,
We observe the same problem on fellow downstream distro Rocky9 but not on upstream distro Centos Stream 9 which does honour the proxy fully.
Please help/advise?
Thanks
Tom Crane
The text was updated successfully, but these errors were encountered: