Configuring a microk8s Single Node Instance to Use a Network Proxy
Overview
If you are using the microk8s Single Node Installer and your site requires proxy access to get to the internet, making a few quick changes to your operating system configuration will enable our installer to access the resources it needs over the internet. This document discusses these changes.
Steps
We also cover the case where you need to use a proxy to access the internet. Please make sure that the following host variables are set:
Ubuntu Specific Directions
If your company's proxy is http://corporate.proxy:3128
, you would edit /etc/environment
and add the following lines:
HTTPS_PROXY=http://corporate.proxy:3128
HTTP_PROXY=http://corporate.proxy:3128
https_proxy=http://corporate.proxy:3128
http_proxy=http://corporate.proxy:3128
NO_PROXY=10.1.0.0/16,10.152.183.0/24,127.0.0.1,*.svc
no_proxy=10.1.0.0/16,10.152.183.0/24,127.0.0.1,*.svc
The IP Ranges specified to NO_PROXY
and no_proxy
are specific to the microk8s cluster and prevent microk8s traffic from going over the proxy.
EL Specific Directions
Using the same example of having a company proxy at http://corporate.proxy:3128
, you would edit /etc/profile.d/http_proxy.sh
and add the following lines:
export HTTP_PROXY=http://corporate.proxy:3128
export HTTPS_PROXY=http://corporate.proxy:3128
export http_proxy=http://corporate.proxy:3128
export https_proxy=http://corporate.proxy:3128
export NO_PROXY=10.1.0.0/16,10.152.183.0/24,127.0.0.1,*.svc
export no_proxy=10.1.0.0/16,10.152.183.0/24,127.0.0.1,*.svc
The IP Ranges specified to NO_PROXY
and no_proxy
are specific to the microk8s cluster and prevent microk8s traffic from going over the proxy.
In Conclusion
You will need to log out and back in for the environment variables to be re-read after setting them. If you already have microk8s running, you will need to issue:
microk8s.stop
microk8s.start
to have it reload the new environment variables.
If you need to use an authenticated proxy, then the URL schema for both EL and Ubuntu is as follows:
protocol:user:password@host:port
So if your proxy is corporate.proxy
and listens on port 3128 without SSL and requires a username of bob
and a password of inmye1em3nt
then your url would be formatted:
http://bob:inmye1em3nt@corporate.proxy:3128
For further help with proxies, we suggest that you contact your proxy administrator or operating system vendor.