Skip to main content
Skip table of contents

Create a Cluster with HTTP/HTTPS Proxy

During cluster creation, you may need to configure the control plane and worker nodes to use an HTTP proxy. This can occur during installation of the Konvoy component of DKP, or when creating a managed cluster.

If you require HTTP proxy configurations, you can apply them during the create operation by adding the appropriate flags to the create cluster command example below:

Proxy configuration


HTTP proxy for control plane machines

--control-plane-http-proxy string

HTTPS proxy for control plane machines

--control-plane-https-proxy string

No Proxy list for control plane machines

--control-plane-no-proxy strings

HTTP proxy for worker machines

--worker-http-proxy string

HTTPS proxy for worker machines

--worker-https-proxy string

No Proxy list for worker machines

--worker-no-proxy strings

You must apply the same configuration to any custom machine images built with the Konvoy Image Builder (KIB) by using an HTTP override file. For more information, refer to Use Override Files with Konvoy Image Builder section of the documentation.

Configure the Control plane and Worker Nodes to Use HTTP/S proxy

This method for configuring the HTTP proxy values uses environment variables. (You are not required to use this method.)

Review this sample code for configuring environment variables for the control plane and worker nodes, taking into account the list of considerations that follows the sample.

export CONTROL_PLANE_NO_PROXY=",,,localhost,,,,kubernetes,kubernetes.default,kubernetes.default.svc,kubernetes.default.svc.cluster,kubernetes.default.svc.cluster.local,.svc,.svc.cluster,.svc.cluster.local,,"

export WORKER_NO_PROXY=",,,localhost,,,,kubernetes,kubernetes.default,kubernetes.default.svc,kubernetes.default.svc.cluster,kubernetes.default.svc.cluster.local,.svc,.svc.cluster,.svc.cluster.local,,"


HTTP proxy configuration considerations to ensure the core components work correctly

  • Replace,, with your internal addresses

  • localhost and addresses should not use the proxy

  • is the default Kubernetes service subnet

  • is the default Kubernetes pod subnet

  • kubernetes,kubernetes.default,kubernetes.default.svc,kubernetes.default.svc.cluster,kubernetes.default.svc.cluster.local is the internal Kubernetes kube-apiserver service

  • The entries .svc,.svc.cluster,.svc.cluster.local are the internal Kubernetes services

  • Auto-IP addresses for any cloud provider

Create a Cluster Using the Configured HTTP Proxy Variables

The following is an example of a dkp create cluster... command that uses the values set in the environment variables from the code sample above. Use the appropriate infrastructure provider name in line 1 from the choices listed:

 dkp create cluster [aws, azure, gcp, preprovisoned, vsphere] \
  --cluster-name ${CLUSTER_NAME} \
  --control-plane-http-proxy="${CONTROL_PLANE_HTTP_PROXY}" \
  --control-plane-https-proxy="${CONTROL_PLANE_HTTPS_PROXY}" \
  --control-plane-no-proxy="${CONTROL_PLANE_NO_PROXY}" \
  --worker-http-proxy="${WORKER_HTTP_PROXY}" \
  --worker-https-proxy="${WORKER_HTTPS_PROXY}" \


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.