Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 

k8sServiceTunnel

Provides a way to expose a dynamic k8s service using an ssh tunnel to an external and untrusted host.

Why? Benefits:

  • Host can be untrusted as no k8s credentials need to be shared and connection is controlled from the client side (aka the k8s pod). No secrets are found in the host receiving the service
  • a service with a dynamic DNS can be shared/forwarded and will always be up to date as pods are to die and be replaced.
  • Both sides are running in a docker container and are configurable by env vars.

WIP

Screenshots:

Alt text Alt text Alt text

TODO:

  • Document everything in here and in blog post.
  • Provide helper scripts and yamls for k8s deployment.
  • Build public docker images.

More info:

coming soon

About

a safe way to provide access to k8s service to an external untrusted node

Topics

Resources

Releases

No releases published

Packages

No packages published