Prerequisites for a Tunneled Attachment
Before you Begin
Gain more understanding of this approach by reviewing Attach a Cluster with Networking Restrictions.
Ensure you have reviewed the general Requirements for Attaching an Existing Cluster.
Prerequisites
To enable a tunneled attachment, you have the following additional prerequisites:
Ensure that
kubetunnelis deployed on the Management Cluster (default DKP configuration).
Use the following command to check ifkubetunnelis deployed:CODEkubectl get appdeployments.apps.kommander.d2iq.io -n kommander kubetunnelThe output should look similar to this:
CODENAME APP AGE kubetunnel kubetunnel-<version> 5h14mFirewall rules:
The ingress rule on the Management cluster network must allow: | The egress rule on the Attached or Managed cluster private network must allow: | |
|---|---|---|
Protocol | HTTPS (TCP/443) and WebSocket | HTTPS (TCP/443) and WebSocket |
Source | Any | Any node of the Attached or Managed cluster |
Destination | DKP Traefik Service External IP/URL | DKP Traefik Service on the Management cluster |
-3-1.png?inst-v=aa1a77ec-7e42-41cc-b8c4-7105c977885a)