You can configure the no proxy setting for a TKG cluster in the NSX Application Platform Automation Appliance and specify IP addresses for which the proxy should not be used.

By default, the Management, Frontend, and Workload networks are added in the no proxy setting. You can also add FQDNs to the no proxy setting.

Procedure

  1. SSH into the NSX Application Platform Automation Appliance with Admin privileges.
  2. Navigate to the template file used for TKG cluster creation.
    /opt/napp/templates/napp-forward_proxy.tmpl
  3. Open the file.
  4. Update the noProxy section.
    settings:
        network:
          cni:
            name: antrea
          pods:
            cidrBlocks:
              - {{.GuestClusterPodsCidr}}
          services:
            cidrBlocks:
              - {{.GuestClusterServicesCidr}}
          proxy:
            httpProxy: {{.ProxyURL}}
            httpsProxy: {{.ProxyURL}}
            noProxy:
              - "{{.WorkloadNetwork}}"
              - "{{.FrontEndNetwork}}"
              - "{{.ManagementNetwork}}"
  5. Save the template file.

Results

During the Tanzu Kubernetes Grid deployment, the no proxy settings are applied to the TKG cluster.