Skip to main content

Configure a corporate proxy

These steps must be completed before running any installation scripts. The installer communicates with the OpenZiti controller during installation to validate availability and enroll an edge router, so proxy settings must be in place beforehand.

Steps

  1. Edit /etc/environment to set your proxy variables. Add your controller's DNS address to no_proxy so the installer can reach it directly:

    http_proxy=http://dns-of-proxy:port
    https_proxy=https://dns-of-proxy:port
    no_proxy=localhost,127.0.0.0,::1,0.0.0.0,<DNS-OF-ZITI-CONTROLLER>

  2. Log out and log back in. Changes to /etc/environment only take effect in new sessions.

  3. Verify the settings are active:

    printenv | grep proxy

    Expected output:

    http_proxy=http://dns-of-proxy:port
    https_proxy=https://dns-of-proxy:port
    no_proxy=localhost,127.0.0.0,::1,0.0.0.0,<DNS-OF-ZITI-CONTROLLER>

K3s proxy configuration

K3s normally inherits proxy settings from the system environment. If it isn't picking them up, override them explicitly:

  1. Create or update /etc/systemd/system/k3s.service.env:

    HTTP_PROXY=http://dns-of-proxy:port
    HTTPS_PROXY=https://dns-of-proxy:port
    NO_PROXY=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,<DNS-OF-ZITI-CONTROLLER>

  2. Restart K3s:

    systemctl restart k3s

See the official K3s documentation for more information.