The latest iteration of our GKE cluster setup is to run a bastion host into the... - DevOps - kbin.social

markwalker, 1 month ago

The latest iteration of our GKE cluster setup is to run a bastion host into the network to gain some extra security.

So now I've got to figure out how to make the identity aware proxy (IAP) work so we can still get in.

My evening reading then starts here...

https://cloud.google.com/iap/docs/using-tcp-forwarding

#devops #gke

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

Image

Image alternative text

markwalker, 1 month ago

So the connection to an instance is easy enough as I expected.

But what about looking at what's going on in a cluster with k9s 🤔 that let's you browse your way around and see what's going on. Maybe there's GKE aspect to it that connects to a cluster.

Then there's db connections. We have cloud-sql-proxy so I wonder if that can route connections through IAP 🤔

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

Federation

Status:

Instances:

/m/devops

Microblog (388)

Thread

markwalker

@markwalker@fosstodon.org

Added: 1 month ago
Online: -
Boosts: 0

Magazine

DevOps

@devops@kbin.social

Created: 11 months ago
Owner: adduc
Subscribers: 117
Online: -

Moderators

adduc

Active people

Related posts

Find out how you can help sponsor the #openSUSE Conference. You will help support the #opensource #developers that #volunteer to enhance our #community #DevOps #tech https://en.opensuse.org/Portal:Conference/Sponsor

Show more

12 days ago to openSUSE

For those who do #webdev and #devops, there's a PR proposing to be v4 of the popular httpie testing tool....

Show more

5 days ago to webdev

I am looking for a new job. Elixir/erlang SWE and/or ops/SRE related. Size of the company does not matter. I have some ethical rules (gambling, blockchain and probably most AI company,...). I only work remotely from France. Yes I would prefer a FTE french contract, but I can do self employed contracts....

Show more

1 day ago to elixir

Ah, the sweet smell of a production Linux container image… generously seasoned with sshd and a whole host of unwanted services you definitely didn't need. If only my "if" statements were as reliable as my morning coffee. Lmao. #linux #devops #sysadmin #life...

Show more

1 month ago to linux

Related threads

Top 20 DevOps Interview Questions and Answers

Show more

10 days ago to programming

[Fixed Now] Outage of Amazon's cloud service causes some websites to go dark

Show more

11 months ago to programming

Support Us