Skip to content

Proxy configuration

George Kraft edited this page Oct 19, 2018 · 7 revisions

If you are deploying the Canonical Distribution of Kubernetes behind a proxy (i.e., your charms are running in a limited-egress environment and can not reach IP addresses external to their network), you will need to configure your model appropriately before deploying the Kubernetes bundle.

First, configure your model's juju-http-proxy and juju-https-proxy settings with your proxy (here we use http://squid.internal:3128 as an example):

$ juju model-config juju-http-proxy=http://squid.internal:3128 juju-https-proxy=http://squid.internal:3128

Because services often need to reach machines on their own network, you will also need to update juju-no-proxy to include any internal subnets you're using. The following example includes two subnets:

$ juju model-config juju-no-proxy=127.0.0.1,localhost,::1,10.5.5.0/24,10.246.64.0/21

After deploying the bundle, you need to configure the etcd, kubernetes-master, and kubernetes-worker charms to use your proxy:

$ juju config etcd snap_proxy=http://squid.internal:3128
$ juju config kubernetes-master snap_proxy=http://squid.internal:3128
$ juju config kubernetes-worker snap_proxy=http://squid.internal:3128 http_proxy=http://squid.internal:3128 https_proxy=http://squid.internal:3128
You can’t perform that action at this time.