Configure system upgrade controller with http proxy

[yngveh]

Is your feature request related to a problem? Please describe. There seams to be no way to properly configure the system upgrade contoller with http proxy.

Describe alternatives you've considered

Editing the config map in /var/lib/rancher/k3s/server/manifests/system-upgrade-controller.yaml to include HTTPS_PROXY environment variable seems to be working, but this will not survive a reboot since the file is rsync'ed at boot (https://github.com/rancher/k3os/blob/master/overlay/libexec/k3os/boot#L159).

/var/lib/rancher/k3s/server/manifests/system-upgrade-controller.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: default-controller-env
  namespace: k3os-system
data:
  HTTPS_PROXY: "http://proxy.organisation.com:80"
  NO_PROXY: "10.0.0.0/8"
  SYSTEM_UPGRADE_CONTROLLER_DEBUG: "false"
  SYSTEM_UPGRADE_CONTROLLER_THREADS: "2"
  SYSTEM_UPGRADE_JOB_ACTIVE_DEADLINE_SECONDS: "900"
  SYSTEM_UPGRADE_JOB_BACKOFF_LIMIT: "2"
  SYSTEM_UPGRADE_JOB_IMAGE_PULL_POLICY: "IfNotPresent"
  SYSTEM_UPGRADE_JOB_KUBECTL_IMAGE: "rancher/kubectl:v1.20.11"
  SYSTEM_UPGRADE_JOB_PRIVILEGED: "true"
  SYSTEM_UPGRADE_JOB_TTL_SECONDS_AFTER_FINISH: "900"
  SYSTEM_UPGRADE_PLAN_POLLING_INTERVAL: "15m"

[dweomer]

@yngveh apologies for the hassle but a work-around might be to leverage a k3s-addon skip-file, e.g. sudo touch /var/lib/rancher/k3s/server/manifests/system-upgrade-controller.yaml.skip and then copy the manifest to a different filename in the manifests dir and your changes will not be overwritten upon reboot.

[yngveh]

@dweomer the suggesten work-around work as expected and solved the problem with rebooting.

I suppose the only thing to keep in mind is to manualy maintain future changes from the orginal controller yaml, as upgrades of the controller version.

Thanks for the solution!