This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to configure proxy whitelisting for the CSI driver?

Go to solution
Enrico_F
DynaMight Pro
DynaMight Pro

‎14 Jun 2024 07:23 AM - edited ‎14 Jun 2024 07:43 AM

Has anyone been able to successfully configure URL proxy whitelisting for the CSI driver? If so, how and using which Dynatrace operator version?

Our use case for this is pulling the code module images from a private registry that isn't reachable over the proxy configured in the Dynakube via secret referenced by "spec.proxy.valueFrom".

So far, all our attempts to use the feature flag "feature.dynatrace.com/no-proxy" with operator v0.14.2 were unsuccessful (CSI driver still used the proxy to connect to a registry whose FQDN was configured as a value for the feature flag). The target image is configured  via "spec.oneAgent.applicationMonitoring.codeModulesImage" in the Dynakube.

0 Kudos
Reply
3 REPLIES 3

Go to solution
IzabelaRokita
Community Team
Community Team

‎26 May 2025 08:56 AM

Hey @Enrico_F !
Sorry for the delay. Our Community gets lots of activity every day, and unfortunately, sometimes, some posts don't get as much attention as they deserve. Did you find an answer to your question, or would you like me to seek further assistance for you? 

0 Kudos
Reply

Go to solution
Enrico_F
DynaMight Pro
DynaMight Pro

‎27 May 2025 09:06 AM

Hi @IzabelaRokita 

Indeed, it's been a while since I posted my question and I believe (though not 100% sure) the fix at the time was to enable the feature flag "feature.dynatrace.com/oneagent-ignore-proxy" (using operator 0.14.2). I think the confusion mainly originated due to the insufficient documentation about this feature flag e.g. it doesn't mention anything about whether or not it applies to the CSI driver. Granted, the feature flag has been deprecated since operator 1.3.0 but it would have been helpful if the documentation had been written more clearly.

0 Kudos
Reply

Go to solution
Enrico_F
DynaMight Pro
DynaMight Pro

‎27 May 2025 11:16 AM - edited ‎27 May 2025 11:22 AM

Actually, after digging out the support request at the time it was confirmed that operator 0.14.2 (and probably also versions <1.1.0) was buggy/limited in that both feature flags "feature.dynatrace.com/oneagent-ignore-proxy" and "feature.dynatrace.com/no-proxy" did not have any effect on the image-pull requests made by the CSI driver. Apparently this was fixed with operator 1.1.0 as a "side-effect of restructuring the proxy handling" but there was no explicit mention in the release notes.

Since there was no workaround for operator 0.14.2 we had to defer updating the DynaKube to pull the codemodules image from the local private registry until the operator was updated to > 1.1.0.

HTH.

0 Kudos
Reply
Ask a question

Featured Posts