How to: Use CMX to simulate installs with Proxy's

Joe_Martinez · June 18, 2025, 5:33pm

CMX Proxy guide

What You Need

2 CMX VMs that are on the same network
One will be the proxy server, one will be the target for installation

Step 1: Set Up Proxy VM

Spin up a CMX VM

replicated vm create --distribution ubuntu --version 22.04 --instance-type r1.xlarge --disk 100

SSH into the CMX VM

replicated vm ssh-endpoint [vm name]
ssh://example@output:41941

ssh ssh://example@output:41941

Install Squid Proxy

sudo apt update
sudo apt install -y squid openssl curl

# Stop squid to configure it
sudo systemctl stop squid

Configure Squid

Replace the default squid configuration:

# Backup original config
sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.backup

# Create new simple config
sudo tee /etc/squid/squid.conf > /dev/null << 'EOF'
# Listen on port 3128
http_port 3128

# Define who can use the proxy (example)
acl localnet src 127.0.0.0/8       # Localhost

# Define safe ports
acl Safe_ports port 80              # HTTP
acl Safe_ports port 443             # HTTPS
acl Safe_ports port 21              # FTP
acl Safe_ports port 1025-65535      # High ports
acl SSL_ports port 443              # HTTPS
acl CONNECT method CONNECT          # For HTTPS tunneling

# Security rules
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

# Allow access from local networks
http_access allow localnet
http_access allow localhost

# Deny everything else
http_access deny all

# Enable logging
access_log /var/log/squid/access.log
EOF

# Start squid
sudo systemctl restart squid
sudo systemctl enable squid

Test Proxy Works

# Get your proxy VM's IP
hostname -I

# Test locally first
curl -x http://127.0.0.1:3128 -v http://www.google.com

# Should see "HTTP/1.1 200 OK" response

Step 2: Create and Test from Target VM

Spin up a CMX VM on the Proxy VM network

replicated network ls
(copy network ID of proxy VM)

replicated vm create --distribution ubuntu --version 22.04 --instance-type r1.xlarge --disk 100 --network (network ID of proxy VM)

SSH into the CMX VM

replicated vm ssh-endpoint [install vm name]
ssh://example@output:41941

ssh ssh://example@output:41941

Test Proxy Connection

# SSH to your target VM
# Replace PROXY_IP with your proxy VM's actual IP
PROXY_IP="XXXXX"  # Your proxy VM IP

# Test connection to proxy
curl -x http://$PROXY_IP:3128 -v https://replicated.app

# Should return "HTTP/2 200"

Install

sudo ./your-ec-binary install \
  --license license.yaml \
  --http-proxy http://$PROXY_IP:3128 \
  --https-proxy http://$PROXY_IP:3128 \
  --admin-console-port 8080 \
  --admin-console-password testpassword

Topic		Replies	Views
How do I do an existing cluster installation in an environment with https proxy? How do I? existing-cluster	1	303	August 23, 2022
How can I install a kURL embedded cluster in an environment with an HTTP proxy? Supporting your customers	2	670	April 14, 2021
Troubleshoot Preflight failures with HTTPS Proxy Troubleshooting embedded-cluster	0	6	June 17, 2025
How to setup SonaType Nexus proxy repo to proxy.replicated.com How do I?	3	187	August 20, 2024
Troubleshooting issues with KOTS install with a squid proxy Supporting your customers kots , proxy , install	1	346	August 25, 2022

How to: Use CMX to simulate installs with Proxy's

CMX Proxy guide

What You Need

Step 1: Set Up Proxy VM

Spin up a CMX VM

SSH into the CMX VM

Install Squid Proxy

Configure Squid

Test Proxy Works

Step 2: Create and Test from Target VM

Spin up a CMX VM on the Proxy VM network

SSH into the CMX VM

Test Proxy Connection

Install

Related topics