If you are using an existing Virtual Private Cloud (VPC), you can configure a cluster-wide proxy during cluster installation or after the cluster is installed. When you enable a proxy, the core cluster components are denied direct access to the internet, but the proxy does not affect user workloads.
|
Note
|
Only cluster system egress traffic is proxied, including calls to the cloud provider API. |
If you use a cluster-wide proxy, you are responsible for maintaining the availability of the proxy to the cluster. If the proxy becomes unavailable, then it might impact the health and supportability of the cluster.
Additional resources
modules/configuring-a-proxy-trust-bundle-responsibilities.adoc