When deploying your applications to Kubernetes, sometimes you might need to access cluster-internal services without exposing them to the general public. Maybe an API endpoint is behaving strangely, or you need to collect locally-stored metrics: Whatever problem you're encountering, tunneling into your cluster will allow you to send requests against internal services and gather more details about the situation.
Although kubectl allows you to forward ports to provisioned pods or create a proxy layer to the api server component, it's not as straightforward as you would hope for it to be. And this is where kubefwd comes in, allowing you to create a proxy layer to all services of a chosen cluster namespace, almost like a VPN.
It gets as simple as installing kubefwd using your method of choice and running
sudo kubefwd svc -n "Your Namespace"
Example: Accessing Kubernetes Dashboard
Let's say we've got a deployment of Kubernetes Dashboard set up already and want to access it without having to use
kubectl proxy. With kubefwd, all we have to do would be to execute the following command
$ sudo kubefwd svc -n kube-system -l k8s-app=kubernetes-dashboard _ _ __ _ | | ___ _| |__ ___ / _|_ ____| | | |/ / | | | '_ \ / _ \ |_\ \ /\ / / _ | | <| |_| | |_) | __/ _|\ V V / (_| | |_|\_\\__,_|_.__/ \___|_| \_/\_/ \__,_| Version 1.8.2 https://github.com/txn2/kubefwd Press [Ctrl-C] to stop forwarding. Loaded hosts file /etc/hosts Forwarding: kubernetes-dashboard:443 to pod kubernetes-dashboard:8443
After this is running, you can head over to your browser of choice and navigate to
https://kubernetes-dashboard, that's it! We've now forwarded all services of the
kube-system namespace (filtered by the label
k8s-app=kubernetes-dashboard) to our local machine and accessed the dashboard running cluster-internally.
If you want to learn more about provisioning Kubernetes Dashboard, you could read on with my dedicated post.