Expose kubernetes service publicly without an LoadBalancer

Kunnel

Kunnel is short for Kubernetes tunnel, built for exposing Kubernetes service to outside the cluster without LoadBalancer or NodePort.

Install

Binaries

You can download releases directly from Release Page

Build from source

git clone https://github.com/zryfish/kunnel.git
cd kunnel
make all

Binaries server client and kubectl-kn will be found under directory bin/.

How to run

Proxy kubernetes service

It's easy to proxy service of Kubernetes. Suppose you have an nginx service under namespace default.

root@master:~# kubectl get svc
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
kubernetes   ClusterIP   10.233.0.1      <none>        443/TCP   11d
nginx        ClusterIP   10.233.48.225   <none>        80/TCP    8s

To proxy nginx service, just simply run the following command in your cluster.

root@master:~# kubectl-kn -n default -s nginx
W0906 07:48:19.298922   16910 main.go:58] No port specified, will use first port [80] of service
I0906 07:48:19.339564   16910 client.go:180] Service available at https://vl41w0ixmn.kunnel.run

Now, you can access your nginx service through the address https://vl41w0ixmn.kunnel.run. Like the following: Nginx

To run proxy background, just add option -d. For example kubectl-kn -n default -s nginx -d. This will create a deployment in your cluster under namespace given.

Proxy for ingress

Kunnel can proxy requestes for virtualhost. For example, my ingress controller service under namespace kubesphere-controls-system, this is an ingress rule with host foo.bar.

root@master:~# kubectl -n kubesphere-controls-system get svc
NAME                             TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                      AGE
kubesphere-router-test           NodePort    10.233.14.239   <none>        80:32360/TCP,443:32604/TCP   2m21s

root@master:~# kubectl -n test get ing
NAME   CLASS    HOSTS     ADDRESS        PORTS   AGE
test   <none>   foo.bar   192.168.0.14   80      5m4s

To proxy requests for rule test with Host foo.bar, just create tunnel with host override by specify --host foo.bar

We can create a tunnel for ingress controller by following:

root@master:~# kubectl-kn -n kubesphere-controls-system -s kubesphere-router-test --host foo.bar -d
root@master:~# kubectl -n kubesphere-controls-system logs -lapp=kunnel
I0906 08:13:28.258512       1 client.go:180] Service available at https://3fc3p231wj.kunnel.run

Now we can access ingress rule test through the address https://3fc3p231wj.kunnel.run.

Kubectl plugin

We are working to merge kunnel into krew

Owner
KubeSphere Dev manager and CNCF TOC contributor.
null
https://github.com/zryfish/kunnel
Similar Resources

crud is a cobra based CLI utility which helps in scaffolding a simple go based micro-service along with build scripts, api documentation, micro-service documentation and k8s deployment manifests

crud crud is a CLI utility which helps in scaffolding a simple go based micro-service along with build scripts, api documentation, micro-service docum

Nov 29, 2021

A multi-service dev environment for teams on Kubernetes

A multi-service dev environment for teams on Kubernetes

Tilt Kubernetes for Prod, Tilt for Dev Modern apps are made of too many services. They're everywhere and in constant communication. Tilt powers multi-

Jan 5, 2023

Hubble - Network, Service & Security Observability for Kubernetes using eBPF

Hubble - Network, Service & Security Observability for Kubernetes using eBPF

Network, Service & Security Observability for Kubernetes What is Hubble? Getting Started Features Service Dependency Graph Metrics & Monitoring Flow V

Jan 2, 2023

Azure Kubernetes Service (AKS) advanced networking (CNI) address space calculator.

aksip Azure Kubernetes Service (AKS) advanced networking (CNI) address space calculator. Download Download the the latest version from the releases pa

Dec 23, 2022

Just a dummy Kubernetes Operator, playing with another dummy service

My first operator Just playing/learning to create a K8S operator in go. I will create a dummy operator that creates pods to open a shell inside It is

Dec 16, 2021

Xds - A simple xDS server, distributing Kubernetes service endpoints to clients

xDS Server for gRPC on Kubernetes A simple xDS server, distributing Kubernetes s

Nov 20, 2022

Trusted Certificate Service for Kubernetes Platform

Trusted Certificate Service (TCS) is a Kubernetes (k8s) service to protect private keys using Intel's SGX technology including support for k8s CSR and cert-manager CR APIs. TCS also contains integration samples for Istio service mesh and Key Management Reference Application (KMRA).

Dec 30, 2022

Litmus helps Kubernetes SREs and developers practice chaos engineering in a Kubernetes native way.

Litmus helps Kubernetes SREs and developers practice chaos engineering in a Kubernetes native way.

Litmus Cloud-Native Chaos Engineering Read this in other languages. 🇰🇷 🇨🇳 🇧🇷 🇮🇳 Overview Litmus is a toolset to do cloud-native chaos engineer

Jan 1, 2023

KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes

KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes

Kubernetes-based Event Driven Autoscaling KEDA allows for fine-grained autoscaling (including to/from zero) for event driven Kubernetes workloads. KED

Jan 7, 2023
Comments
  • Support https proxy

    Support https proxy

    Signed-off-by: Roland.Ma [email protected] Support HTTPS proxy. The certificate verification will be skipped for the target service.

    ./kn -n default -s nginx --protocol https

Related tags
DevOps Tools kunnel
This simple service's purpose is to expose data regarding a vehicle fleet

A Small API This simple service's purpose is to expose data regarding a vehicle

Dec 16, 2021
expose controller, when deployment created service and ingress will be created

expose-controller expose controller, when deployment created service and ingress will be created How to test git clone repository cd expose-controller

Dec 23, 2021
This library provides a metrics package which can be used to instrument code, expose application metrics, and profile runtime performance in a flexible manner.

This library provides a metrics package which can be used to instrument code, expose application metrics, and profile runtime performance in a flexible manner.

Jan 18, 2022
Cheiron is a Kubernetes Operator made with OperatorSDK for reconciling service account and attaching imagePullSecrets to service accounts automatically

anny-co/cheiron NOTE: Cheiron is currently in very early stages of development and and far from anything usable. Feel free to contribute if you want t

Sep 13, 2021
The OCI Service Operator for Kubernetes (OSOK) makes it easy to connect and manage OCI services from a cloud native application running in a Kubernetes environment.

OCI Service Operator for Kubernetes Introduction The OCI Service Operator for Kubernetes (OSOK) makes it easy to create, manage, and connect to Oracle

Sep 27, 2022
kitex running in kubernetes cluster and discover each other in kubernetes Service way

Using kitex in kubernetes Kitex [kaɪt'eks] is a high-performance and strong-extensibility Golang RPC framework. This go module helps you to build mult

Feb 21, 2022
cluster-api-state-metrics (CASM) is a service that listens to the Kubernetes API server and generates metrics about the state of custom resource objects related of Kubernetes Cluster API.

Overview cluster-api-state-metrics (CASM) is a service that listens to the Kubernetes API server and generates metrics about the state of custom resou

Oct 27, 2022
Kubernetes OS Server - Kubernetes Extension API server exposing OS configuration like sysctl via Kubernetes API

KOSS is a Extension API Server which exposes OS properties and functionality using Kubernetes API, so it can be accessed using e.g. kubectl. At the moment this is highly experimental and only managing sysctl is supported. To make things actually usable, you must run KOSS binary as root on the machine you will be managing.

May 19, 2021
How to get a Go / Golang app using the Gin web framework running natively on Windows Azure App Service WITHOUT using a Docker container

Go on Azure App Service View the running app -> https://go-azure-appservice.azurewebsites.net ?? This is an example repo of how to get a Go / Golang a

Nov 28, 2022
Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.
 Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.

Open Service Mesh (OSM) Open Service Mesh (OSM) is a lightweight, extensible, Cloud Native service mesh that allows users to uniformly manage, secure,

Jan 2, 2023