Deckhouse Platform in a private environment

This feature is available in Enterprise Edition only.

The settings for working through a proxy server have changed in Deckhouse 1.42 (issue). The guide is for Deckhouse 1.42+.

Configure cluster

Enter a domain name template containing %s, e.g., or Please don't use the domain name. This template is used for system apps domains within the cluster, e.g., Grafana for will be available as
This tutorial assumes the use of a public domain pointing to a public cluster address. It is necessary to obtain Let's Encrypt certificates for Deckhouse services. If the existing certificates (including Self-Signed ones) are used, you need to change the global settings in the modules.https section.
We recommend using the service (or similar) for testing if wildcard DNS records are unavailable to you for some reason.
Leave it blank if you don't use the HTTP proxy server.
Leave it blank if you don't use the HTTP proxy server.
Specify a list of IP addresses, networks, and domain names that can be accessed directly without using a proxy server. For wildcard domains, use a domain name with a dot prefix, e.g., "". Leave it blank if there are no such exceptions.

Parameters for accessing the container image registry (or proxy registry)

Read more about configuring a container image storage, if necessary.

Note that Deckhouse container images of the corresponding edition (CE or EE) must be available at the specified address and path.
It is a string from the Docker client configuration file (by default, the configuration file is ~/.docker/config.json), Base64-encoded.
Read more about the parameter in the documentation.
Enable it if the container image registry works over HTTP rather than HTTPS.
Leave it blank, if the container image registry uses an SSL certificate issued by a public CA.