If Kasm is deployed in an environment where the user of a forward proxy is required for internet access, it may be necessary to update the Kasm deployment to use said proxies.

For example, if there is a desire to load a Kasm Registry, the admin may see a similar failure.

Registry Error: A valid url needs to be entered

Registry Error: There was a problem importing a registry

 Instructions

  1. Get the CIDR Subnet of the kasm_default_network

sudo docker network inspect kasm_default_network | grep Subnet
                    "Subnet": "172.18.0.0/16",

  1. Open the docker-compose.yaml file in an editor

sudo nano /opt/kasm/current/docker/docker-compose.yaml

  1. For the relevant services (e.g kasm_api ) add http_proxy, https_proxy and no_proxy environment variables. http_proxy and https_proxy should include the address of the desired forward proxy.

    no_proxy should include the kasm_default_network subnet as well as localhost , `127.0.0.1` and the hostnames of the other services. If this is a multi-server install, this may also include any other network segments that should not be forwarded through the proxy. All values comma delimited

    Save the file when done.

kasm_api:
    container_name: kasm_api
    user: "${KASM_UID?}:${KASM_GID?}"
    image: "kasmweb/api:develop"
    read_only: true
    environment:
      https_proxy: https://google.com
      http_proxy: http://google.com
      no_proxy: "172.18.0.0/16,localhost,127.0.0.1,proxy,kasm_agent,kasm_manager,kasm_guac"
    networks:
      - kasm_default_network
    volumes:
      - /opt/kasm/1.15.0:/opt/kasm/current
      - /opt/kasm/1.15.0/tmp/api:/tmp
    depends_on:
      - db
    restart: always
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "20"

  1. Remove the modified service container (e.g kasm_api ) and restart the Kasm Services

sudo docker rm -f kasm_api
sudo /opt/kasm/bin/stop
sudo /opt/kasm/bin/start

Troubleshooting

The following logs may be seen if the no_proxy header does not include all of the required addresses

2023-12-05 17:46:24,419 [INFO] cherrypy.access.139959594436688: 172.18.0.9 - - [05/Dec/2023:17:46:24] "POST /api/get_usage_summary HTTP/1.1" 200 44 "https://192.168.56.107/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0"
2023-12-05 17:46:24,420 [INFO] cherrypy.access.139959594436688: 172.18.0.9 - - [05/Dec/2023:17:46:24] "POST /api/get_client_settings HTTP/1.1" 200 1194 "https://192.168.56.107/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0"
Terminated
2023-12-05 17:49:57,314 [DEBUG] client_api_server: Requesting Hello for Server(5a10913f-1c32-47aa-99bd-218edc54e535) via URL: (https://proxy:443/agent/api/v1/hello/)
2023-12-05 17:49:57,334 [DEBUG] client_api_server: Error during Hello request for Server(5a10913f-1c32-47aa-99bd-218edc54e535) : (Traceback (most recent call last):
  File "urllib/request.py", line 1354, in do_open
  File "http/client.py", line 1256, in request
  File "http/client.py", line 1302, in _send_request
  File "http/client.py", line 1251, in endheaders
  File "http/client.py", line 1011, in _send_output
  File "http/client.py", line 951, in send
  File "http/client.py", line 1418, in connect
  File "http/client.py", line 927, in connect
  File "http/client.py", line 901, in _tunnel
  File "http/client.py", line 285, in _read_status
http.client.RemoteDisconnected: Remote end closed connection without response
2023-12-05 17:49:57,314 [DEBUG] client_api_server: Requesting Hello for Server(5a10913f-1c32-47aa-99bd-218edc54e535) via URL: (https://proxy:443/agent/api/v1/hello/)
2023-12-05 17:49:57,334 [DEBUG] client_api_server: Error during Hello request for Server(5a10913f-1c32-47aa-99bd-218edc54e535) : (Traceback (most recent call last):
  File "urllib/request.py", line 1354, in do_open
  File "http/client.py", line 1256, in request
  File "http/client.py", line 1302, in _send_request
  File "http/client.py", line 1251, in endheaders
  File "http/client.py", line 1011, in _send_output
  File "http/client.py", line 951, in send
  File "http/client.py", line 1418, in connect
  File "http/client.py", line 927, in connect
  File "http/client.py", line 901, in _tunnel
  File "http/client.py", line 285, in _read_status
http.client.RemoteDisconnected: Remote end closed connection without response

Related Resources