ktunnels

module

v0.5.0 Latest Latest Go to latest Published: Dec 29, 2023 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/int128/ktunnels

Links

Open Source Insights

README ¶

ktunnels

This is a Kubernetes controller to set up an Envoy Proxy for port-forwarding from your computer to remote hosts.

Purpose

For local development, it is nice to develop an application using a real database. If a database is running in a private network and outside a cluster, such as Amazon RDS or Azure Database, it is unreachable from your computer.

This allows you to connect from your computer to a host outside a cluster. You just run kubectl port-forward and set up your application to connect to localhost.

diagram

This solution is an alternative of SSH or SOCKS bastion. You no longer maintain your bastion servers.

Getting Started

For administrator

Deploy the controller.

kubectl apply -f https://github.com/int128/ktunnels/releases/download/v0.4.0/ktunnels.yaml

For user

Create a Proxy resource and Tunnel resource.

# kubectl apply -f proxy.yaml
apiVersion: ktunnels.int128.github.io/v1
kind: Proxy
metadata:
  name: default

# kubectl apply -f tunnel.yaml
apiVersion: ktunnels.int128.github.io/v1
kind: Tunnel
metadata:
  name: backend-db
spec:
  host: backend-db.staging
  port: 5432
  proxy:
    name: default

Run port-forward on your computer.

kubectl port-forward svc/backend-db 5432:5432

You can connect to the database via localhost:5432.

How it works

This controller sets up a set of Deployment and ConfigMap for each proxy.

% kubectl tree proxy default
NAMESPACE  NAME                                               READY  REASON  AGE
default    Proxy/default                                      -              5m9s
default    ├─ConfigMap/ktunnels-proxy-default                 -              5m9s
default    └─Deployment/ktunnels-proxy-default                -              5m9s
default      └─ReplicaSet/ktunnels-proxy-default-5db5d68b6c   -              5m9s
default        └─Pod/ktunnels-proxy-default-5db5d68b6c-wnncc  True           5m9s

It also sets up a Service for each tunnel.

% k tree tunnel main-db
NAMESPACE  NAME                             READY  REASON  AGE
default    Tunnel/main-db                   -              32m
default    └─Service/main-db                -              32m
default      └─EndpointSlice/main-db-cxx65  -              32m

Contributions

This is an open source software licensed under Apache License 2.0. Feel free to open issues and pull requests for improving code and documents.

Directories ¶

Path	Synopsis
api
v1 Package v1 contains API Schema definitions for the ktunnels v1 API group +kubebuilder:object:generate=true +groupName=ktunnels.int128.github.io	Package v1 contains API Schema definitions for the ktunnels v1 API group +kubebuilder:object:generate=true +groupName=ktunnels.int128.github.io
cmd
internal
controller
envoy
transit

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL