Skip to main content
Skip table of contents

Prerequisites for a Tunneled Attachment

Before you Begin


To enable a tunneled attachment, you have the following additional prerequisites:

  • Ensure that kubetunnel is deployed on the Management Cluster (default DKP configuration).
    Use the following command to check if kubetunnel is deployed:

    kubectl get -n kommander kubetunnel

    The output should look similar to this:

    NAME         APP                 AGE
    kubetunnel   kubetunnel-<version>   5h14m

  • Firewall rules:

The ingress rule on the Management cluster network must allow:

The egress rule on the Attached or Managed cluster private network must allow:


HTTPS (TCP/443) and WebSocket

HTTPS (TCP/443) and WebSocket



Any node of the Attached or Managed cluster


DKP Traefik Service External IP/URL

DKP Traefik Service on the Management cluster

Choose your Next Step:

Attach a Cluster using a Tunnel via the UI

Attach a Cluster Using a Tunnel via the CLI

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.