Configure Proxies
You must configure proxy settings for the Insight Orchestrator and Docker if your network environment routes HTTP requests through a proxy. If you do not add a proxy configuration for them, plugin downloads on the orchestrator will fail because Docker registry is unreachable.
Configure Proxies in Docker
To configure the proxy settings in Docker:
- Open a terminal window in your orchestrator’s virtual machine.
- Locate and open the Docker engine service file at
/lib/systemd/system/docker.service. - Find the
[Service]section of the file and add the following line:.
You can substitute the environment variables with your own, using the following format: <proxy-url>:<port>/.
You can optionally set the NO_PROXY variable to local values, but this is not necessary.
4. After saving docker.service, reload systemd by running sudo systemctl daemon-reload, Run sudo systemctl restart docker to restart the Docker engine.
5. Run systemctl show --property=Environment docker to verify the environment variable was configured correctly. The result should match the settings you just configured.
To learn more about configuring a proxy for Docker, read https://docs.docker.com/engine/admin/systemd/#httphttps-proxy.
Configure Proxies for your Orchestrator
To configure proxy settings in your orchestrator, you must set the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables in the orchestrator’s configuration file.
To configure the proxy settings for an orchestrator:
- Open the orchestrator config file located at
/opt/rapid7/orchestrator/etc/executor.conf. - Provide the
HTTP_PROXYandHTTPS_PROXYvariables in the same format as you set them in Docker,<proxy-url>:<port>/. - Set the
NO_PROXYvariable for local requests toNO_PROXY=127.0.0.1,0.0.0.0. Add any additional values as needed by your network environment, separated by commas. - Run the
orch-restartcommand to restart the orchestrator. If this does not restart the orchestrator, trysudo systemctl restart rapid7-orchestrator.