If you are deploying the Canonical Distribution of Kubernetes behind a proxy (i.e., your charms are running in a limited-egress environment and can not reach IP addresses external to their network), you will need to configure your model appropriately before deploying the Kubernetes bundle.
Warning: Setting the
no-proxy model configs has been known to cause problems with the etcd charm. It is recommended to leave these blank and set the
juju-no-proxy model configs instead.
First, configure your model's
juju-https-proxy settings with your proxy (here we use
http://squid.internal:3128 as an example):
juju model-config juju-http-proxy=http://squid.internal:3128 juju-https-proxy=http://squid.internal:3128
Because services often need to reach machines on their own network, you will also need to update
juju-no-proxy to include any internal subnets you're using. The following example includes two subnets:
juju model-config juju-no-proxy=127.0.0.1,localhost,::1,10.5.5.0/24,10.246.64.0/21
After deploying the bundle, you need to configure the
kubernetes-worker charms to use your proxy:
juju config etcd snap_proxy=http://squid.internal:3128 juju config kubernetes-master snap_proxy=http://squid.internal:3128 http_proxy=http://squid.internal:3128 https_proxy=http://squid.internal:3128 juju config kubernetes-worker snap_proxy=http://squid.internal:3128 http_proxy=http://squid.internal:3128 https_proxy=http://squid.internal:3128