Mirantis Container Cloud (MCC) becomes part of Mirantis OpenStack for Kubernetes (MOSK)!
Starting with MOSK 25.2, the MOSK documentation set will cover all product layers, including MOSK management (formerly MCC). This means everything you need will be in one place. The separate MCC documentation site will be retired, so please update your bookmarks for continued easy access to the latest content.
Requirements for a MITM proxy¶
Note
For MOSK clusters, the feature is generally available since MOSK 23.1.
While bootstrapping a Container Cloud management cluster using proxy, you may require Internet access to go through a man-in-the-middle (MITM) proxy. Such configuration requires that you enable streaming and install a CA certificate on a bootstrap node.
Enable streaming for MITM¶
Ensure that the MITM proxy is configured with enabled streaming. For example, if you use mitmproxy, enable the stream_large_bodies=1 option:
./mitmdump --set stream_large_bodies=1
Install a CA certificate for a MITM proxy on a bootstrap node¶
Log in to the bootstrap node.
Install
ca-certificates
:apt install ca-certificates
Copy your CA certificate to the
/usr/local/share/ca-certificates/
directory. For example:sudo cp ~/.mitmproxy/mitmproxy-ca-cert.cer /usr/local/share/ca-certificates/mitmproxy-ca-cert.crt
Replace
~/.mitmproxy/mitmproxy-ca-cert.cer
with the path to your CA certificate.Caution
The target CA certificate file must be in the
PEM
format with the.crt
extension.Apply the changes:
sudo update-ca-certificates
Now, proceed with bootstrapping your management cluster.