Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support configuring HTTP proxy for accessing S3 service #408

Open
spynode opened this issue Mar 7, 2025 · 2 comments
Open

Support configuring HTTP proxy for accessing S3 service #408

spynode opened this issue Mar 7, 2025 · 2 comments
Labels
enhancement New feature or request

Comments

@spynode
Copy link

spynode commented Mar 7, 2025

/feature

Is your feature request related to a problem? Please describe.
I want to configure HTTP proxy server for CSI to access AWS services in environments where direct Internet access is restricted.

Describe the solution you'd like in detail
I tested mount-s3 binary with passing HTTPS_PROXY and HTTP_PROXY environment variables and it uses them to proxy the requests via the configured proxies. I could not find how to pass environment variables to mount systemd unit via driver configuration. So either allow passing env variables or create specific config for HTTP proxy.

Describe alternatives you've considered
Maybe in new approach with mounting via container(#279), it will be possible to just pass env variables to mountpoint container in a generic Kubernetes way and this would essentially cover this case?
@spynode
Copy link
Author

spynode commented Mar 7, 2025

In our case, if Mountpoint is running in pod, it would use Pod network, which has access to the Internet. So we would not need any proxy config in such case. But maybe in different setups it would still be beneficial to configure proxy or pass env variables to mountpoint-s3.

@unexge unexge added the enhancement New feature or request label Mar 7, 2025
@unexge
Copy link
Contributor

unexge commented Mar 7, 2025

Hey @spynode, thanks for the report! Seems like #279 would solve your use-case. We'd like to hear if you have other use-cases where you still need to pass specific environment variables to Mountpoint containers.

Meanwhile, to unblock yourself with current systemd approach, there is a way to modify Mountpoint's systemd units using drop-in files. This is kinda a bit hacky, but if you want to unblock yourself until #279 delivered, you might consider using it.

You can create a drop-in file at /etc/systemd/system/mount-s3-.service.d/ (as Mountpoint systemd units are named mount-s3-<mp-version>-<uuid>.service), and your drop-in files would be applied to Mountpoint systemd units during creation. For example:

$ cat /etc/systemd/system/mount-s3-.service.d/50-env.conf
[Service]
Environment="FOO=BAR"

Then you'd need to restart your systemd daemon to apply changes:

$ systemctl daemon-reload

After that, any workload created using Mountpoint CSI Driver should get modifications from your drop-in files:

cat /proc/`pgrep -f mount-s3`/environ | strings
...
FOO=BAR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@spynode @unexge