no_proxy environment variable ignored in kubernetes-client Python library #2520
Description
Summary
The kubernetes Python client library fails to respect the no_proxy environment variable due to a bug in configuration.py. This causes all HTTPS requests to be routed through a proxy server, even for hosts that should bypass the proxy (e.g., internal .local domains).
Affected Version
kubernetes-client version: 35.0.0
Python: 3.12
Root Cause
In kubernetes/client/configuration.py, lines 167-173:
self.no_proxy = None# Load no_proxy from environment variables (if set)if os.getenv("NO_PROXY"): self.no_proxy = os.getenv("NO_PROXY")if os.getenv("no_proxy"): self.no_proxy = os.getenv("no_proxy")"""Proxy URL"""self.no_proxy = None # <-- BUG: This line resets no_proxy back to None!"""bypass proxy for host in the no_proxy list."""
The no_proxy value is correctly loaded from environment variables on lines 169-170, but is immediately overwritten by self.no_proxy = None on line 173. This appears to be a copy-paste error where the docstring was added but the original self.no_proxy = None declaration was not removed.
Expected Behavior
When no_proxy or NO_PROXY environment variable is set (e.g., no_proxy=".local,localhost"), the kubernetes client should bypass the proxy for matching hosts.
Actual Behavior
The no_proxy configuration is always None, causing all requests to go through the proxy, resulting in:
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='api.example.local', port=6443): Max retries exceeded with url: /api/v1/namespaces/... (Caused by ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 504 Gateway Timeout')))
Steps to Reproduce
import osos.environ['no_proxy'] = '.local,localhost'os.environ['https_proxy'] = 'http://proxy.example.com:8080'from kubernetes.client import Configurationc = Configuration()print(f"proxy: {c.proxy}") # Output: http://proxy.example.com:8080print(f"no_proxy: {c.no_proxy}") # Output: None <-- Should be ".local,localhost"
Proposed Fix
Remove or comment out the redundant self.no_proxy = None line (line 173):
self.no_proxy = None# Load no_proxy from environment variables (if set)if os.getenv("NO_PROXY"): self.no_proxy = os.getenv("NO_PROXY")if os.getenv("no_proxy"): self.no_proxy = os.getenv("no_proxy")"""Proxy URL"""# self.no_proxy = None # REMOVED - was resetting no_proxy loaded from env"""bypass proxy for host in the no_proxy list."""
Workaround
Manually set no_proxy on the Configuration object after loading:
from kubernetes import client, configfrom kubernetes.client import Configurationimport osconfig.load_kube_config(config_file='kubeconfig', context='my-context')cfg = Configuration.get_default_copy()cfg.no_proxy = os.environ.get('no_proxy') or os.environ.get('NO_PROXY')Configuration.set_default(cfg)