diff --git a/docs/proxy.md b/docs/proxy.md
new file mode 100644
index 0000000000000000000000000000000000000000..b5bc62a7c3b4da6210fa53d6825170b843bbe2c4
--- /dev/null
+++ b/docs/proxy.md
@@ -0,0 +1,16 @@
+# Setting up Environment Proxy
+
+If you set http and https proxy, all nodes and loadbalancer will be excluded from proxy with generating no_proxy variable in `roles/kubespray-defaults/defaults/main.yml`, if you have additional resources for exclude add them to `additional_no_proxy` variable. If you want fully override your `no_proxy` setting, then fill in just `no_proxy` and no nodes or loadbalancer addresses will be added to no_proxy.
+
+## Set proxy for http and https
+
+ `http_proxy:"http://example.proxy.tld:port"`
+ `https_proxy:"http://example.proxy.tld:port"`
+
+## Set default no_proxy (this will override default no_proxy generation)
+
+`no_proxy: "node1,node1_ip,node2,node2_ip...additional_host"`
+
+## Set additional addresses to default no_proxy (all cluster nodes and loadbalancer)
+
+`additional_no_proxy: "aditional_host,"`
\ No newline at end of file
diff --git a/inventory/sample/group_vars/all/all.yml b/inventory/sample/group_vars/all/all.yml
index 1d1b562d7969ec6d996653874628c58e78b2f797..07432190293f8ef90b78dfa049c1c942e624c16b 100644
--- a/inventory/sample/group_vars/all/all.yml
+++ b/inventory/sample/group_vars/all/all.yml
@@ -61,6 +61,9 @@ bin_dir: /usr/local/bin
 ## Refer to roles/kubespray-defaults/defaults/main.yml before modifying no_proxy
 #no_proxy: ""
 
+## If you need exclude all cluster nodes from proxy and other resources, add other resources here.
+#additional_no_proxy: ""
+
 ## Certificate Management
 ## This setting determines whether certs are generated via scripts or whether a
 ## cluster of Hashicorp's Vault is started to issue certificates (using etcd
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index 6620eb47d06cd9725ce66df24b92647749b69342..90dea5eb0005cc5b9167bfdb5905112d676cac8a 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -333,6 +333,9 @@ no_proxy: >-
   {%-   endif -%}
   {{ item }},{{ item }}.{{ dns_domain }},
   {%- endfor -%}
+  {%- if additional_no_proxy is defined -%}
+  {{ additional_no_proxy }},
+  {%- endif -%}
   127.0.0.1,localhost
   {%- endif %}