Networking
2 minute read
This page covers Helm values for network configuration, proxies, and network policies.
HTTP Proxy
Variable: httpProxy
Description: The HTTPProxy helm value allows you to specify an HTTP proxy server that the Edge Delta agents will use for routing outbound HTTP traffic. This setting is useful in environments where direct access to external endpoints is restricted, and traffic must pass through an internal proxy for monitoring, security, or policy enforcement reasons.
Example: In a production environment, you might have a corporate proxy server set up to control and monitor outgoing HTTP requests. The HTTPProxy setting should be configured with the address of this corporate proxy server. This is an example of how you can configure the httpProxy for a production environment where the corporate proxy server is hosted at http://corp-proxy.example.com:8080.
--set httpProxy="http://corp-proxy.example.com:8080"
HTTPS Proxy
Variable: httpsProxy
Description: Address to route the pipeline’s outbound traffic through an HTTPS internal proxy.
Example: "https://127.0.0.1:3128"
noProxy: specify multiple bypass targets
Variable: noProxy
Comma-separated list of hosts, domains, or CIDR ranges that must skip the httpProxy / httpsProxy proxies (equivalent to the NO_PROXY environment variable).
--set httpProxy=http://corp:8080 \
--set httpsProxy=http://corp:8443 \
--set noProxy="169.254.169.254,10.0.0.0/8,.svc.cluster.local"
Network Policy
Enable Cilium network policy for clusters with default-deny egress.
networkPolicy:
enabled: true
type: cilium
cilium:
dnsSelector:
toEndpoints:
- matchLabels:
k8s-app: kube-dns
customEndpoints:
toFQDNs:
- matchName: api.edgedelta.com
toPorts:
- ports:
- port: "443"
protocol: TCP
Inline example:
--set networkPolicy.enabled=true \
--set networkPolicy.cilium.customEndpoints.toFQDNs[0].matchName=api.edgedelta.com