Configuring the proxy for secured cluster services in RHACS Cloud Service - Setting up RHACS Cloud Service with Red Hat OpenShift secured clusters | RHACS Cloud Service | Red Hat Advanced Cluster Security for Kubernetes 4.0

Specifying the environment variables in the SecuredCluster CR

You must configure the proxy settings for secured cluster services within the Red Hat Advanced Cluster Security Cloud Service (RHACS Cloud Service) environment to establish a connection between the Secured Cluster and the specified proxy server. This ensures reliable data collection and transmission.

Specifying the environment variables in the SecuredCluster CR

To configure an egress proxy, you can either use the cluster-wide Red Hat OpenShift proxy or specify the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables within the SecuredCluster Custom Resource (CR) configuration file to ensure proper use of the proxy and bypass for internal requests within the specified domain.

The proxy configuration applies to all running services: Sensor, Collector, Admission Controller and Scanner.

Procedure

Specify the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY environment variables under the customize specification in the SecuredCluster CR configuration file:

For example:

# proxy collector
customize:
  envVars:
    HTTP_PROXY: http://egress-proxy.stackrox.svc:xxxx (1)
    HTTPS_PROXY: http://egress-proxy.stackrox.svc:xxxx (2)
    NO_PROXY: .stackrox.svc (3)

1	The variable `HTTP_PROXY` is set to the value `http://egress-proxy.stackrox.svc:xxxx`. This is the proxy server used for HTTP connections.
2	The variable `HTTPS_PROXY` is set to the value `http://egress-proxy.stackrox.svc:xxxx`. This is the proxy server used for HTTPS connections.
3	The variable `NO _PROXY` is set to `.stackrox.svc`. This variable is used to define the hostname or IP address that should not be accessed through the proxy server.