k3s does not initialize containers with proper proxy settings

[gabrielecastellano]

Problem.
I have an instance of k3s running behind a corporate proxy. I have configured http_proxy, https_proxy and no_proxy variables in /etc/systemd/system/k3s.service.env and the system itself works, i.e., all images are pulled from the repository on basic deployments. However, all the containers that are created through kubectl (no matter if using contained or docker as runtime) are not initialized with the same proxy variables. Therefore, pods are not available to reach the internet, causing issues on arbitrarily complex applications.

I have tried for 3 days to have k3s automatically inject the proxy on every container upon creation, but did not manage to find any solution.

Additional info.
Note that, using plain docker, it is possible to have every container correctly configured with proxy on startup https://docs.docker.com/network/proxy. Therefore, I have tried to use docker as runtime instead of contained. However, it seems that k3s ignore this docker configuration.

Possible solution.
Have k3s.service.env variables also be injected into containers on startup, or provide a custom proxy setting (similar to docker) that allows to separately specify this.

[brandond]

This was discussed (and I see you replied to the discussion) at #194 (comment).

Injecting environment variables into pods is not something that should be done by the container runtime itself. This is why both containerd and docker are not injecting the variables as you are hoping they would.

If you need this functionality you can use Kustomize or other tools to modify your manifests before application, or a mutating admission controller to modify the pods as they are applied.