Problem
During the installation of DKP v2 on a preprovisioned cluster that uses HTTP proxy, the installation is stuck and you may observe the following error in the log of the pod named <clutser>-control-plane-...-provision-...:
TASK [packages : add epel gpg key] *********************************************
fatal: [10.208.2.35]: FAILED! => {"changed": false, "msg": "failed to fetch key at https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-8 , error was: Request failed: <urlopen error timed out>"}
On the first control-plane machine of the workload, cluster the yum repository does not have HTTP proxy configured:
$ pwd
/etc/yum.repos.d
$ cat konvoy-k8s.repo
[kubernetes]
baseurl = https://packages.d2iq.com/konvoy/rpm/stable/centos/7/x86_64
gpgcheck = 1
gpgkey = https://packages.d2iq.com/konvoy/rpm-gpg-pub-key
name = Konvoy Kubernetes package repository
Solution
For pre-provisioned clusters, Konvoy Image Builder (KIB) prepares the OS for installation: installs OS packages, and configures the OS. The problem occurs if KIB doesn't receive the HTTP proxy configuration.
To propagate the HTTP proxy configuration to KIB, you need to create an override using this instruction to prepare the file for the override.
The whole process should look like this:
1. Create a bootstrap cluster
2. Create a file with the overwrite using this instruction: https://docs.d2iq.com/dkp/konvoy/2.1/image-builder/override-files/create-custom-or-files/proxy-or-files/.
3. Create a secret in the bootstrap cluster using the file and this instruction: https://docs.d2iq.com/dkp/konvoy/2.1/choose-infrastructure/pre-provisioned/create-secrets-and-overrides/#create-overrides.
4. Regenerate the config.yaml file using the --override-secret-name as described here (the HTTP proxy settings should be present too).
5. Launch installation.