Before you Begin

Prerequisites

To enable a tunneled attachment, you have the following additional prerequisites:

  • Ensure that kubetunnel is deployed on the Management Cluster (default DKP configuration).
    Use the following command to check if kubetunnel is deployed:

    kubectl get appdeployments.apps.kommander.d2iq.io -n kommander kubetunnel
    CODE

    The output should look similar to this:

    NAME         APP                 AGE
    kubetunnel   kubetunnel-<version>   5h14m
    CODE

  • Firewall rules:

The ingress rule on the Management cluster network must allow:

The egress rule on the Attached or Managed cluster private network must allow:

Protocol

HTTPS (TCP/443) and WebSocket

HTTPS (TCP/443) and WebSocket

Source

Any

Any node of the Attached or Managed cluster

Destination

DKP Traefik Service External IP/URL

DKP Traefik Service on the Management cluster

Choose your Next Step:

Attach a Cluster using a Tunnel via the UI

Attach a Cluster Using a Tunnel via the CLI