Skip to content

chore: restore content removed by mistake #811

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Dec 17, 2024
Merged

chore: restore content removed by mistake #811

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 8 additions & 4 deletions assemblies/assembly-configuring-a-proxy.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,16 @@

In a network restricted environment, configure {product} to use your proxy to access remote network resources.

You can run the {product-very-short} application behind a corporate proxy by setting any of the following environment variables before starting the application:
You can run the {product-short} application behind a corporate proxy by setting any of the following environment variables before starting the application:

* `HTTP_PROXY`: Denotes the proxy to use for HTTP requests.
* `HTTPS_PROXY`: Denotes the proxy to use for HTTPS requests.
`HTTP_PROXY`:: Denotes the proxy to use for HTTP requests.
`HTTPS_PROXY`:: Denotes the proxy to use for HTTPS requests.

`NO_PROXY`:: Set the environment variable to bypass the proxy for certain domains. The variable value is a comma-separated list of hostnames or IP addresses that can be accessed without the proxy, even if one is specified.


include::modules/configuring-a-proxy/con-understanding-the-no_proxy-exclusion-rules.adoc[leveloffset=+1]

Additionally, set the `NO_PROXY` environment variable to bypass the proxy for certain domains. The variable value is a comma-separated list of hostnames or IP addresses that can be accessed without the proxy, even if one is specified.

include::modules/configuring-a-proxy/proc-configuring-proxy-in-operator-deployment.adoc[leveloffset=+1]

Expand Down
34 changes: 34 additions & 0 deletions modules/configuring-a-proxy/con-understanding-the-no_proxy-exclusion-rules.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
[id='understanding-the-no-proxy-exclusion-rules']
= Understanding the `NO_PROXY` exclusion rules

`NO_PROXY` is a comma or space-separated list of hostnames or IP addresses, with optional port numbers. If the input URL matches any of the entries listed in `NO_PROXY`, a direct request fetches that URL, for example, bypassing the proxy settings.

[NOTE]
====
The default value for `NO_PROXY` in {product-very-short} is `localhost,127.0.0.1`. If you want to override it, include at least `localhost` or `localhost:7007` in the list. Otherwise, the {product-very-short} backend might fail.
====

Matching follows the rules below:

* `NO_PROXY=*` will bypass the proxy for all requests.

* Space and commas might separate the entries in the `NO_PROXY` list. For example, `NO_PROXY="localhost,example.com"`, or `NO_PROXY="localhost example.com"`, or `NO_PROXY="localhost, example.com"` would have the same effect.

* If `NO_PROXY` contains no entries, configuring the `HTTP(S)_PROXY` settings makes the backend send all requests through the proxy.

* The backend does not perform a DNS lookup to determine if a request should bypass the proxy or not. For example, if DNS resolves `example.com` to `1.2.3.4`, setting `NO_PROXY=1.2.3.4` has no effect on requests sent to `example.com`. Only requests sent to the IP address `1.2.3.4` bypass the proxy.

* If you add a port after the hostname or IP address, the request must match both the host/IP and port to bypass the proxy. For example, `NO_PROXY=example.com:1234` would bypass the proxy for requests to `http(s)://example.com:1234`, but not for requests on other ports, like `http(s)://example.com`.

* If you do not specify a port after the hostname or IP address, all requests to that host/IP address will bypass the proxy regardless of the port. For example, `NO_PROXY=localhost` would bypass the proxy for requests sent to URLs like `http(s)://localhost:7077` and `http(s)://localhost:8888`.

* IP Address blocks in CIDR notation will not work. So setting `NO_PROXY=10.11.0.0/16` will not have any effect, even if the backend sends a request to an IP address in that block.

* Supports only IPv4 addresses. IPv6 addresses like `::1` will not work.

* Generally, the proxy is only bypassed if the hostname is an exact match for an entry in the `NO_PROXY` list. The only exceptions are entries that start with a dot (`.`) or with a wildcard (`*`). In such a case, bypass the proxy if the hostname ends with the entry.

[NOTE]
====
List the domain and the wildcard domain if you want to exclude a given domain and all its subdomains. For example, you would set `NO_PROXY=example.com,.example.com` to bypass the proxy for requests sent to `http(s)://example.com` and `http(s)://subdomain.example.com`.
====
Loading