Configure No Proxy for Tanzu Kubernetes Guest Cluster

You can configure the no proxy setting for a TKG cluster in the NSX Application Platform Automation Appliance and specify IP addresses for which the proxy should not be used.

By default, the Management, Frontend, and Workload networks are added in the no proxy setting. You can also add FQDNs to the no proxy setting.

Procedure

SSH into the NSX Application Platform Automation Appliance with Admin privileges.
Navigate to the template file used for TKG cluster creation.
/opt/napp/templates/napp-forward_proxy.tmpl
Open the file.

Update the noProxy section.

settings:
    network:
      cni:
        name: antrea
      pods:
        cidrBlocks:
          - {{.GuestClusterPodsCidr}}
      services:
        cidrBlocks:
          - {{.GuestClusterServicesCidr}}
      proxy:
        httpProxy: {{.ProxyURL}}
        httpsProxy: {{.ProxyURL}}
        noProxy:
          - "{{.WorkloadNetwork}}"
          - "{{.FrontEndNetwork}}"
          - "{{.ManagementNetwork}}"

Save the template file.

Results

During the Tanzu Kubernetes Grid deployment, the no proxy settings are applied to the TKG cluster.