Because my Kubernetes Cluster is behind a corporate proxy, I need to set http/https proxy in pods via environment variables and set no_proxy to allow inter-pod and inter-service communication and communication with other local private servers.
Proxy http/https configuration worked perfectly when passing to the pods through env variables; but no_proxy did not work well and it breaks internal pod/service communication.
I have tried unsuccessfully to set no_proxy and NO_PROXY at different levels in Kubernetes, mainly at:
- Docker daemon: /etc/systemd/system/docker.service.d/http-proxy.conf
- Docker client: /root/.docker/config.json (although it does not seem applicable when using Docker v1.13.1 on CentOS)
- Docker client: through environment variables passed to the pods at creation time, in the yaml file used to run them with kubectl
- Kubernetes master and worker nodes as environment variables
- and many combinations of the above settings
Proxy configuration within PODs succeeded with env variables inside the PODs:
export http_proxy="http://10.16.1.1:8080"
export https_proxy="https://10.16.1.1:8080"
But, none of the above worked for no_proxy exceptions, and I tried many syntax and also added my nodes, pod & service networks, and .svc (as suggested for OpenShift)... as listed below:
export no_proxy=".svc,.example.com"
export no_proxy="localhost,127.0.0.0/8,10.1.16.0/24,10.240.0.0/16,10.241.0.0/16,*.domain.com"
export no_proxy=".svc,.default,.local,.cluster.local,localhost,127.0.0.0/8,10.1.16.0/24,10.240.0.0/16,10.241.0.0/16,.domain.com"
export NO_PROXY=$no_proxy
I am using Kubernetes v1.11.2 + Docker v1.13.1 on CentOS7;
Any help would be appreciated.
