Skip to content

thordin9/k8sServiceTunnel

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
Containers
Containers
 
 
Helpers/Client/k8s
Helpers/Client/k8s
 
 
Readme.md
Readme.md
 
 

Repository files navigation

k8sServiceTunnel

Provides a way to expose a dynamic k8s service using an ssh tunnel to an external and untrusted host.

Why? Benefits:

  • Host can be untrusted as no k8s credentials need to be shared and connection is controlled from the client side (aka the k8s pod). No secrets are found in the host receiving the service
  • a service with a dynamic DNS can be shared/forwarded and will always be up to date as pods are to die and be replaced.
  • Both sides are running in a docker container and are configurable by env vars.

WIP

Screenshots:

Alt text Alt text Alt text

TODO:

  • Document everything in here and in blog post.
  • Provide helper scripts and yamls for k8s deployment.
  • Build public docker images.

More info:

coming soon

About

a safe way to provide access to k8s service to an external untrusted node

epapandreou.com/k8sservicetunnel-a-way-to-securely-provide-access-to-k8s-services/

Topics

kubernetes tunnel ssh k8s

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages