From 8c2b264d31baba3db57ce53ee2ef40e99f8930c0 Mon Sep 17 00:00:00 2001
From: garciadeblas <gerardo.garciadeblas@telefonica.com>
Date: Thu, 2 Nov 2023 07:56:50 +0100
Subject: [PATCH] Fix air-gapped installation issues with containerd and OSM
 helm chart

Change-Id: I5d8a8afc751d892de6be92ebbb62bd3ace382b21
Signed-off-by: garciadeblas <gerardo.garciadeblas@telefonica.com>
---
 installers/full_install_osm.sh  | 14 +++++++++---
 installers/install_docker_ce.sh | 39 ++++++++++++++++++++++++++-------
 2 files changed, 42 insertions(+), 11 deletions(-)

diff --git a/installers/full_install_osm.sh b/installers/full_install_osm.sh
index 2f90bcf6..6f80953d 100755
--- a/installers/full_install_osm.sh
+++ b/installers/full_install_osm.sh
@@ -290,9 +290,17 @@ EOF"
     [ -n "${INSTALL_NGSA}" ] || OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.oldServiceAssurance=true"
     if [ -n "${OSM_BEHIND_PROXY}" ]; then
         OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.behindHttpProxy=true"
-        [ -n "${HTTP_PROXY}" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.httpProxy.HTTP_PROXY=${HTTP_PROXY}"
-        [ -n "${HTTPS_PROXY}" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.httpProxy.HTTPS_PROXY=${HTTPS_PROXY}"
-        [ -n "${NO_PROXY}" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.httpProxy.NO_PROXY=${NO_PROXY}"
+        [ -n "${HTTP_PROXY}" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.httpProxy.HTTP_PROXY=\"${HTTP_PROXY}\""
+        [ -n "${HTTPS_PROXY}" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.httpProxy.HTTPS_PROXY=\"${HTTPS_PROXY}\""
+        if [ -n "${NO_PROXY}" ]; then
+            if [[ ! "${NO_PROXY}" =~ .*".svc".* ]]; then
+                NO_PROXY="${NO_PROXY},.svc"
+            fi
+            if [[ ! "${NO_PROXY}" =~ .*".cluster.local".* ]]; then
+                NO_PROXY="${NO_PROXY},.cluster.local"
+            fi
+            OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.httpProxy.NO_PROXY=\"${NO_PROXY//,/\,}\""
+        fi
     fi
 
     if [ -n "${INSTALL_JUJU}" ]; then
diff --git a/installers/install_docker_ce.sh b/installers/install_docker_ce.sh
index e5c2f44d..5010f7e3 100755
--- a/installers/install_docker_ce.sh
+++ b/installers/install_docker_ce.sh
@@ -15,6 +15,36 @@
 
 set +eux
 
+function configure_containerd() {
+    echo "Configuring containerd to expose CRI and use systemd cgroup"
+    sudo mv /etc/containerd/config.toml /etc/containerd/config.toml.orig 2>/dev/null
+    sudo bash -c "containerd config default > /etc/containerd/config.toml"
+    sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
+    if [ -n "${DOCKER_PROXY_URL}" ]; then
+        echo "Configuring ${DOCKER_PROXY_URL} as registry mirror in /etc/containerd/config.toml"
+        sudo sed -i "s#\[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors\]#\[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors\]\n        \[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors.\"docker.io\"\]\n          endpoint = \[\"${DOCKER_PROXY_URL}\"\]\n        \[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors.\"registry.hub.docker.com\"]\n          endpoint = \[\"${DOCKER_PROXY_URL}\"]#" /etc/containerd/config.toml
+    fi
+    if [ -n "${OSM_BEHIND_PROXY}" ] ; then
+        echo "Configuring http proxies in /etc/systemd/system/containerd.service.d/http-proxy.conf"
+        if ! [ -f /etc/systemd/system/containerd.service.d/http-proxy.conf ] ; then
+            sudo mkdir -p /etc/systemd/system/containerd.service.d
+            cat << EOF | sudo tee -a /etc/systemd/system/containerd.service.d/http-proxy.conf
+[Service]
+EOF
+        fi
+        [ -n "${HTTP_PROXY}" ] && sudo bash -c "cat <<EOF >> /etc/systemd/system/containerd.service.d/http-proxy.conf
+Environment=\"HTTP_PROXY=${HTTP_PROXY}\"
+EOF"
+        [ -n "${HTTPS_PROXY}" ] && sudo bash -c "cat <<EOF >> /etc/systemd/system/containerd.service.d/http-proxy.conf
+Environment=\"HTTPS_PROXY=${HTTPS_PROXY}\"
+EOF"
+        [ -n "${NO_PROXY}" ] && sudo bash -c "cat <<EOF >> /etc/systemd/system/containerd.service.d/http-proxy.conf
+Environment=\"NO_PROXY=${NO_PROXY}\"
+EOF"
+    fi
+    sudo systemctl restart containerd
+}
+
 function install_docker_ce() {
     # installs and configures Docker CE
     [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
@@ -75,14 +105,7 @@ EOF"
         echo "... restarted Docker service"
     fi
 
-    echo "Configuring containerd to expose CRI, use systemd cgroup and use DOCKER_PROXY_URL as registry mirror"
-    sudo mv /etc/containerd/config.toml /etc/containerd/config.toml.orig 2>/dev/null
-    sudo bash -c "containerd config default > /etc/containerd/config.toml"
-    sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
-    if [ -n "${DOCKER_PROXY_URL}" ]; then
-        sudo sed -i "s#\[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors\]#\[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors\]\n        \[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors.\"docker.io\"\]\n          endpoint = \[\"${DOCKER_PROXY_URL}\"\]\n        \[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors.\"registry.hub.docker.com\"]\n          endpoint = \[\"${DOCKER_PROXY_URL}\"]#" /etc/containerd/config.toml
-    fi
-    sudo systemctl restart containerd
+    configure_containerd
 
     [ -z "${DEBUG_INSTALL}" ] || ! echo "File: /etc/docker/daemon.json" || cat /etc/docker/daemon.json
     echo "Testing Docker CE installation ..."
-- 
2.17.1