docker-idrac6 icon indicating copy to clipboard operation
docker-idrac6 copied to clipboard

Published 20 hours ago verified publisher icon DomiStyle

Add support for SOCKS5 proxy

Open julien-sobczak opened this issue 11 months ago • 0 comments

Context

BMCs often uses a private subnet which is not always accessible using a VPN connection.

We can start a SSH tunnel with port forwarding like this:

$ ssh -L 4443:<BMC_IP>:443 <remote_proxy>

But the image docker-idrac6 fails because WebSockets doesn't seem supported as reported in logs:

webSocketsHandshake: invalid client header

Proposal

Using a SOCKS5 proxy solves the issue:

$ ssh -fND 4443 <remote_proxy>
$ docker run -p 5800:5800 -p 5900:5900 -e SOCKS_PROXY_HOST=host.docker.internal -e SOCKS_PROXY_PORT=4443 -e IDRAC_HOST=<BMC_IP> -e IDRAC_PORT=443 -e IDRAC_USER=root -e IDRAC_PASSWORD=XXX domistyle/idrac6

But this implies a few changes:

  • Switch to curl as wget doesn't support SOCKS.
  • Use a less-secured cypher with curl to avoid the error dh key too small.

julien-sobczak avatar Mar 26 '24 09:03 julien-sobczak