diff --git a/config.yaml.dist b/config.yaml.dist
index 8c394dce5..7f6170eb7 100644
--- a/config.yaml.dist
+++ b/config.yaml.dist
@@ -68,6 +68,14 @@ backup:
 #machine_controller:
 #  deploy: false
 
+# Proxy is used to configure HTTP_PROXY, HTTPS_PROXY and NO_PROXY
+# for Docker daemon and kubelet, and to be used when provisioning cluster
+# (e.g. for curl, apt-get..).
+# proxy:
+#  http_proxy: 'http://1.2.3.4'
+#  https_proxy: 'https://1.2.3.4'
+#  no_proxy: '1.2.3.4'
+
 # KubeOne can automatically create MachineDeployments to create
 # worker nodes in your cluster. Each element in this "workers"
 # list is a single deployment and must have a unique name.
diff --git a/pkg/config/cluster.go b/pkg/config/cluster.go
index 35631f09a..87acc245c 100644
--- a/pkg/config/cluster.go
+++ b/pkg/config/cluster.go
@@ -19,6 +19,7 @@ type Cluster struct {
 	Provider          ProviderConfig          `json:"provider"`
 	Versions          VersionConfig           `json:"versions"`
 	Network           NetworkConfig           `json:"network"`
+	Proxy             ProxyConfig             `json:"proxy"`
 	Workers           []WorkerConfig          `json:"workers"`
 	Backup            BackupConfig            `json:"backup"`
 	MachineController MachineControllerConfig `json:"machine_controller"`
@@ -187,6 +188,12 @@ type ETCDConfig struct {
 	Version string `json:"address"`
 }
 
+type ProxyConfig struct {
+	HTTPProxy  string `json:"http_proxy"`
+	HTTPSProxy string `json:"https_proxy"`
+	NoProxy    string `json:"no_proxy"`
+}
+
 // ProviderName represents the name of an provider
 type ProviderName string
 
diff --git a/pkg/installer/installation/prerequisites.go b/pkg/installer/installation/prerequisites.go
index 31fbb6a0b..14eb2e36a 100644
--- a/pkg/installer/installation/prerequisites.go
+++ b/pkg/installer/installation/prerequisites.go
@@ -71,6 +71,12 @@ func installPrerequisitesOnNode(ctx *util.Context, node *config.HostConfig, conn
 		return fmt.Errorf("failed to install kubeadm: %v", err)
 	}
 
+	logger.Infoln("Configuring docker proxy…")
+	err = configureDockerDaemonProxy(ctx)
+	if err != nil {
+		return fmt.Errorf("failed to configure proxy for docker daemon: %v", err)
+	}
+
 	logger.Infoln("Deploying configuration files…")
 	err = deployConfigurationFiles(ctx)
 	if err != nil {
@@ -263,3 +269,28 @@ sudo chmod 600 /etc/kubernetes/cloud-config
 
 	return err
 }
+
+func configureDockerDaemonProxy(ctx *util.Context) error {
+	if ctx.Cluster.Proxy.HTTPProxy == "" && ctx.Cluster.Proxy.HTTPSProxy == "" && ctx.Cluster.Proxy.NoProxy == "" {
+		return nil
+	}
+
+	_, _, err := ctx.Runner.Run(dockerDaemonProxy, util.TemplateVariables{
+		"HTTP_PROXY":  ctx.Cluster.Proxy.HTTPProxy,
+		"HTTPS_PROXY": ctx.Cluster.Proxy.HTTPSProxy,
+		"NO_PROXY":    ctx.Cluster.Proxy.NoProxy,
+	})
+
+	return err
+}
+
+const dockerDaemonProxy = `
+# Configure HTTP/HTTPS proxy for Docker
+sudo mkdir -p /etc/systemd/system/docker.service.d
+cat <<EOF |sudo tee /etc/systemd/system/docker.service.d/http-proxy.conf
+[Service]
+Environment={{ if .HTTP_PROXY }}"HTTP_PROXY={{ .HTTP_PROXY }}" {{ end }}{{ if .HTTPS_PROXY }}"HTTPS_PROXY={{ .HTTPS_PROXY }}" {{ end }}{{ if .NO_PROXY }}"NO_PROXY={{ .NO_PROXY }}"{{ end }}
+EOF
+sudo systemctl daemon-reload
+sudo systemctl restart docker
+`