HTTP proxies

There are several cases where you may need DSS to work along with Web proxies.

  • If your users need to go through a (direct) proxy to reach the DSS interface. The only real issue here is that your proxy must support the WebSocket protocol, and allow long-lived WebSocket connections.

  • If DSS is installed on a server without direct outgoing Internet access, it may need to go through a proxy to reach external resources. Section Configuring a proxy for DSS to access external resources describes the configuration steps required for this.

Note

This must not be confused with the ability to deploy DSS behind a reverse proxy. See Using reverse proxies for more details.

Note about Websockets

Data Science Studio uses the WebSocket protocol for parts of its user interface. This web protocol is fairly recent, and not yet supported by all HTTP proxies.

Make sure any direct or reverse proxy configured between Data Science Studio and its users correctly supports WebSocket, and is configured accordingly.

At the time of writing, this includes:

See Websockets problems for related details and troubleshooting advice.

Configuring a proxy for DSS to access external resources

Data Science Studio proxy configuration for remote datasets

If Data Science Studio runs inside your private network, you may need to configure an outgoing proxy for it to be able to access external HTTP- or FTP-based network resources.

This applies in particular to HTTP, HTTPS and FTP remote datasets, Amazon S3 datasets and Twitter streams.

You can define a global proxy configuration for DSS in the “Settings” tab of the Administration page. Choose Proxy, fill in the fields, and save.

Every HTTP(S)- and FTP-based connection will now have an additional “Use global proxy” checkbox. Uncheck it if that connection should not go through the proxy (e.g. for services that are inside your private network). This also applies to Amazon EC2/S3, Elasticsearch, and Twitter connections.

Note

SOCKS proxies are not supported in Data Science Studio.

Warning

A note on FTP through HTTP Proxy

Connecting to a FTP server through an HTTP proxy requires passive mode, and requires the proxy to allow and support HTTP CONNECT method on ports 20, 21 and all unpriviledged ports (1024-65535).

Below is a sample Apache 2.4 configuration for this:

Listen 3128
<VirtualHost *:3128>
  ProxyRequests On
  ProxyVia On
  AllowConnect 20 21 443 1024-65535
  <Proxy *>
    Order deny,allow
    Deny from all
    # IP of internal network
    Allow from 1.2.3.4
  </Proxy>
</VirtualHost>

Proxy configuration for Python and R processes

The above global proxy configuration applies only to native connections made from the Data Science Studio backend. If you need to go through a proxy for network connections done from Python or R code (from recipe or notebook), you should configure it using standard configuration directives for these environments. This includes adding explicit proxy parameters to the network calls, e.g. for Python requests:

requests.get(URL, proxies={'http', 'http://MYPROXY:MYPROXYPORT'})

and/or globally configuring proxy directives through the standard http_proxy (https_proxy, ftp_proxy …) environment variables, e.g.:

# Add the following directive to DATADIR/bin/env-site.sh
# or to the session initialization file of the DSS Unix user (.profile or equivalent)
export http_proxy="http://MYPROXY:MYPROXYPORT"

Refer to Python / R reference manuals for details.

Note

This also applies to network accesses needed to download and install additional Python or R packages.