Skip to main content
Skip table of contents

2. Prepare your Environment: CLI Proxied Access

Establish the following environment variables on the Management cluster.

(info) See Provide Context for Commands with a kubeconfig File for more information around switching cluster contexts.

The following commands allow you to run most commands without replacing the information manually.

  1. Set the WORKSPACE_NAMESPACE environment variable to the name of your network-restricted cluster’s workspace namespace:

    CODE
    export WORKSPACE_NAMESPACE=<workspace namespace>
  2. Set the variable to the proxy domain through which your cluster should be available:

    CODE
    TUNNEL_PROXY_EXTERNAL_DOMAIN=<myclusterproxy.example.com>

If you want to use the external-dns service, specify a TUNNEL_PROXY_EXTERNAL_DOMAIN that is within the zones specified in the --domain-filter argument of the external-dns deployment manifest stored on the Management cluster.

For example, if the filter is set to example.com, a possible domain for the TUNNEL_PROXY_EXTERNAL_DOMAIN would be myclusterproxy.example.com.

  1. Establish a variable that points to the name of the network-restricted cluster:
    (info) The name of the network-restricted cluster is established in the KommanderCluster object.

    CODE
    NETWORK_RESTRICTED_CLUSTER=<name_of_restricted_cluster>
  2. Given that each cluster can only have one proxy domain, reuse the name of the network-restricted cluster for the proxy object:

    CODE
    TUNNEL_PROXY_NAME=${NETWORK_RESTRICTED_CLUSTER}
  3. Obtain the name of the connector and set it to a variable:

    CODE
    TUNNEL_CONNECTOR_NAME=$(kubectl get kommandercluster -n ${WORKSPACE_NAMESPACE} ${NETWORK_RESTRICTED_CLUSTER} -o template='{{ .spec.clusterTunnelConnectorRef.name }}')

Next Step:

3. Create a TunnelProxy Object: CLI Proxied Access

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.