Listening tentacle and web proxy (Squid)

Legacy Execution
1

We have set up an environment according to the description found at:

https://octopus.com/docs/installation/installing-tentacles/proxy-support. The Octopus Deploy server communicates with the Tentacle through a Web proxy (Squid)

We are using:

  • A Squid web proxy
  • Listening tentacle (ver 3.11.13)
  • Octopus server (ver 3.4.15)

All servers are running windows server 2012 R2.
When we at the Octopus server runs a health check against the tentacle, the test fails with the error shown below.
Anyone have a suggestion? It seems that the request is stopped by the Squid server. We get the identical error message when the Listening tentacle is shut down.

                | 
                |   == Failed: Check deployment target: xxxxx ==

08:55:03 Fatal | An error occurred when sending a request to ‘https://10.xxx.xx.14:10933/’, before the request could begin: Proxy destination ::ffff:10.xx.xxx.30 on port 3128 responded with a 403 code - Forbidden
08:55:03 Verbose | An error occurred when sending a request to ‘https://10.xxx.xx.14:10933/’, before the request could begin: Proxy destination ::ffff:10.xx.xxx.30 on port 3128 responded with a 403 code - Forbidden
| Halibut.HalibutClientException: An error occurred when sending a request to ‘https://10.xxx.xx.14:10933/’, before the request could begin: Proxy destination ::ffff:10.xxx.xx.30 on port 3128 responded with a 403 code - Forbidden —> Halibut.Transport.Proxy.Exceptions.ProxyException: Proxy destination ::ffff:10.47.193.30 on port 3128 responded with a 403 code - Forbidden
| at Halibut.Transport.Proxy.HttpProxyClient.HandleProxyCommandError(String host, Int32 port) in Z:\BuildAgent\work\e1bda71fea4b4831\source\Halibut\Transport\Proxy\HttpProxyClient.cs:line 298
| at Halibut.Transport.Proxy.HttpProxyClient.SendConnectionCommand(String host, Int32 port) in Z:\BuildAgent\work\e1bda71fea4b4831\source\Halibut\Transport\Proxy\HttpProxyClient.cs:line 254
| at Halibut.Transport.Proxy.HttpProxyClient.CreateConnection(String destinationHost, Int32 destinationPort, TimeSpan timeout) in Z:\BuildAgent\work\e1bda71fea4b4831\source\Halibut\Transport\Proxy\HttpProxyClient.cs:line 208
| at Halibut.Transport.SecureClient.CreateConnectedTcpClient(ServiceEndPoint endPoint) in Z:\BuildAgent\work\e1bda71fea4b4831\source\Halibut\Transport\SecureClient.cs:line 146
| at Halibut.Transport.SecureClient.EstablishNewConnection() in Z:\BuildAgent\work\e1bda71fea4b4831\source\Halibut\Transport\SecureClient.cs:line 118
| at Halibut.Transport.SecureClient.ExecuteTransaction(Action1 protocolHandler) in Z:\BuildAgent\work\e1bda71fea4b4831\source\Halibut\Transport\SecureClient.cs:line 54 | --- End of inner exception stack trace --- | Server stack trace: | at Halibut.Transport.SecureClient.HandleError(Exception lastError, Boolean retryAllowed) in Z:\BuildAgent\work\e1bda71fea4b4831\source\Halibut\Transport\SecureClient.cs:line 181 | at Halibut.HalibutRuntime.SendOutgoingHttpsRequest(RequestMessage request) in Z:\BuildAgent\work\e1bda71fea4b4831\source\Halibut\HalibutRuntime.cs:line 117 | at Halibut.ServiceModel.HalibutProxy.Invoke(IMessage msg) in Z:\BuildAgent\work\e1bda71fea4b4831\source\Halibut\ServiceModel\HalibutProxy.cs:line 33 | Exception rethrown at [0]: | at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) | at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) | at Octopus.Shared.Contracts.IScriptService.StartScript(StartScriptCommand command) | at Octopus.Worker.Tentacles.TentacleRemoteEndpointFacade.ExecuteCommand(StartScriptCommand command) in Z:\BuildAgent\work\cd33152532ae115f\source\Octopus.Worker\Tentacles\TentacleRemoteEndpointFacade.cs:line 38 | at Octopus.Worker.Tentacles.TentacleWorker.CheckHealth() in Z:\BuildAgent\work\cd33152532ae115f\source\Octopus.Worker\Tentacles\TentacleWorker.cs:line 80 | at Octopus.Server.Orchestration.Health.HealthCheckService.InvokeHealthCheck(Machine machine, Action1 customAction) in Z:\BuildAgent\work\cd33152532ae115f\source\Octopus.Server\Orchestration\Health\HealthCheckService.cs:line 108
| at Octopus.Server.Orchestration.Health.HealthCheckService.PerformHealthCheck(Machine machine, ExceptionHandling exceptionHandling, Action`1 customAction) in Z:\BuildAgent\work\cd33152532ae115f\source\Octopus.Server\Orchestration\Health\HealthCheckService.cs:line 69
| Octopus.Server version 3.4.15 (3.4.15+Branch.master.Sha.338d6700fb9db1ea111b3c9869d4dfec526068e3)

2

Hi,

This looks like a problem with your Squid configuration. Squid is returning a 403 Forbidden code rather than passing the request through to the Tentacle (that’s why the error is the same if the Tentacle is stopped).

Are you successfully using the Squid proxy for other services? I’d suggest taking a look at the Squid logs to see if they can shed some more light on things.

Regards,
Mark