OSDOCS#10104:Removed warning from Networking docs as transparent forward proxies now supported in OSD/ROSA

modules/cluster-wide-proxy-preqs.adoc

@@ -86,10 +86,4 @@ When using a cluster-wide proxy, you must configure the `s3.<aws_region>.amazona
 |Used by the splunk-forwarder-operator as a log forwarding endpoint to be used by Red Hat SRE for log-based alerting.
 |===
 --
-+
-[IMPORTANT]
-====
-The use of a proxy server to perform TLS re-encryption is currently not supported if the server is acting as a transparent forward proxy where it is not configured on-cluster via the `--http-proxy` or `--https-proxy` arguments.
 
-A transparent forward proxy intercepts the cluster traffic, but it is not actually configured on the cluster itself.
-====

modules/configuring-a-proxy-after-installation-cli.adoc

@@ -29,22 +29,21 @@ The cluster applies the proxy configuration to the control plane and compute nod
 $ rosa edit cluster \
  --cluster $CLUSTER_NAME \
  --additional-trust-bundle-file <path_to_ca_bundle_file> \ <1> <2> <3>
- --http-proxy http://<username>:<password>@<ip>:<port> \ <1> <4>
- --https-proxy https://<username>:<password>@<ip>:<port> \ <1> <4>
-  --no-proxy example.com <5>
+ --http-proxy http://<username>:<password>@<ip>:<port> \ <1> <3>
+ --https-proxy https://<username>:<password>@<ip>:<port> \ <1> <3>
+  --no-proxy example.com <4>
 ----
 +
 --
 <1> The `additional-trust-bundle-file`, `http-proxy`, and `https-proxy` arguments are all optional.
-<2> If you use the `additional-trust-bundle-file` argument without an `http-proxy` or `https-proxy` argument, the trust bundle is added to the trust store and used to verify cluster system egress traffic. In that scenario, the bundle is not configured to be used with a proxy.
-<3> The `additional-trust-bundle-file` argument is a file path pointing to a bundle of PEM-encoded X.509 certificates, which are all concatenated together. The `additionalTrustBundle` parameter is required unless the identity certificate of the proxy is signed by an authority from the {op-system} trust bundle. If you use an MITM transparent proxy network that does not require additional proxy configuration but requires additional CAs, you must provide the MITM CA certificate.
+<2> The `additional-trust-bundle-file` argument is a file path pointing to a bundle of PEM-encoded X.509 certificates, which are all concatenated together. The `additionalTrustBundle` parameter is required unless the identity certificate of the proxy is signed by an authority from the {op-system} trust bundle. If you use an MITM transparent proxy network that does not require additional proxy configuration but requires additional CAs, you must provide the MITM CA certificate.
 +
 [NOTE]
 ====
 You should not attempt to change the proxy or additional trust bundle configuration on the cluster directly. These changes must be applied by using the ROSA CLI (`rosa`) or {cluster-manager-first}. Any changes that are made directly to the cluster will be reverted automatically.
 ====
-<4> The `http-proxy` and `https-proxy` arguments must point to a valid URL.
-<5> A comma-separated list of destination domain names, IP addresses, or network CIDRs to exclude proxying.
+<3> The `http-proxy` and `https-proxy` arguments must point to a valid URL.
+<4> A comma-separated list of destination domain names, IP addresses, or network CIDRs to exclude proxying.
 +
 Preface a domain with `.` to match subdomains only. For example, `.y.com` matches `x.y.com`, but not `y.com`. Use `*` to bypass proxy for all destinations.
 If you scale up workers that are not included in the network defined by the `networking.machineNetwork[].cidr` field from the installation configuration, you must add them to this list to prevent connection issues.

modules/configuring-a-proxy-after-installation-ocm.adoc

@@ -41,10 +41,6 @@ endif::openshift-dedicated[]
 +
 If you use an MITM transparent proxy network that does not require additional proxy configuration but requires additional certificate authorities (CAs), you must provide the MITM CA certificate.
 +
-[NOTE]
-====
-If you upload an additional trust bundle file without specifying an HTTP or HTTPS proxy URL, the bundle is set on the cluster but is not configured to be used with the proxy.
-====
 .. Click *Confirm*.
 
 .Verification

modules/configuring-a-proxy-during-installation-cli.adoc

@@ -23,17 +23,16 @@ The following procedure provides details about the ROSA CLI (`rosa`) arguments t
 $ rosa create cluster \
  <other_arguments_here> \
  --additional-trust-bundle-file <path_to_ca_bundle_file> \ <1> <2> <3>
- --http-proxy http://<username>:<password>@<ip>:<port> \ <1> <4>
- --https-proxy https://<username>:<password>@<ip>:<port> \ <1> <4>
- --no-proxy example.com <5>
+ --http-proxy http://<username>:<password>@<ip>:<port> \ <1> <3>
+ --https-proxy https://<username>:<password>@<ip>:<port> \ <1> <3>
+ --no-proxy example.com <4>
 ----
 +
 --
 <1> The `additional-trust-bundle-file`, `http-proxy`, and `https-proxy` arguments are all optional.
-<2> If you use the `additional-trust-bundle-file` argument without an `http-proxy` or `https-proxy` argument, the trust bundle is added to the trust store and used to verify cluster system egress traffic. In that scenario, the bundle is not configured to be used with a proxy.
-<3> The `additional-trust-bundle-file` argument is a file path pointing to a bundle of PEM-encoded X.509 certificates, which are all concatenated together. The `additionalTrustBundle` parameter is required unless the identity certificate of the proxy is signed by an authority from the {op-system} trust bundle. If you use an MITM transparent proxy network that does not require additional proxy configuration but requires additional CAs, you must provide the MITM CA certificate.
-<4> The `http-proxy` and `https-proxy` arguments must point to a valid URL.
-<5> A comma-separated list of destination domain names, IP addresses, or network CIDRs to exclude proxying.
+<2> The `additional-trust-bundle-file` argument is a file path pointing to a bundle of PEM-encoded X.509 certificates, which are all concatenated together. The `additionalTrustBundle` parameter is required unless the identity certificate of the proxy is signed by an authority from the {op-system} trust bundle. If you use an MITM transparent proxy network that does not require additional proxy configuration but requires additional CAs, you must provide the MITM CA certificate.
+<3> The `http-proxy` and `https-proxy` arguments must point to a valid URL.
+<4> A comma-separated list of destination domain names, IP addresses, or network CIDRs to exclude proxying.
 +
 Preface a domain with `.` to match subdomains only. For example, `.y.com` matches `x.y.com`, but not `y.com`. Use `*` to bypass proxy for all destinations.
 If you scale up workers that are not included in the network defined by the `networking.machineNetwork[].cidr` field from the installation configuration, you must add them to this list to prevent connection issues.

modules/osd-create-cluster-ccs.adoc

@@ -311,11 +311,6 @@ endif::osd-on-aws[]
 ** In the *Additional trust bundle* field, provide a PEM encoded X.509 certificate bundle. The bundle is added to the trusted certificate store for the cluster nodes. An additional trust bundle file is required unless the identity certificate for the proxy is signed by an authority from the {op-system-first} trust bundle.
 +
 If you use an MITM transparent proxy network that does not require additional proxy configuration but requires additional certificate authorities (CAs), you must provide the MITM CA certificate.
-+
-[NOTE]
-====
-If you upload an additional trust bundle file without specifying an HTTP or HTTPS proxy URL, the bundle is set on the cluster but is not configured to be used with the proxy.
-====
 .. Click *Next*.
 --
 +