5. Verify the Proxy: CLI Proxied Access
On the Management cluster:
Ensure you run the following command on the Management cluster. See Provide Context for Commands with a kubeconfig File for more information around switching cluster contexts.
Verify that the following conditions for the
TunnelProxy
configuration are met:CODEkubectl wait --for=condition=ClientAuthReady=true --timeout=300s -n ${WORKSPACE_NAMESPACE} tunnelproxy/${TUNNEL_PROXY_NAME} kubectl wait --for=condition=ReverseProxyReady=true --timeout=300s -n ${WORKSPACE_NAMESPACE} tunnelproxy/${TUNNEL_PROXY_NAME} kubectl wait --for=condition=available -n ${WORKSPACE_NAMESPACE} deploy -l control-plane=${TUNNEL_PROXY_NAME}-kubetunnel-reverse-proxy-rp
The output should look like this:
CODEtunnelproxy.kubetunnel.d2iq.io/test condition met tunnelproxy.kubetunnel.d2iq.io/test condition met deployment.apps/${TUNNEL_PROXY_NAME}-kubetunnel-reverse-proxy-rp condition met
Verify that the
TunnelProxy
is correctly assigned and connected to your cluster:CODEcurl -Lk -s -o /dev/null -w "%{http_code}" https://${TUNNEL_PROXY_EXTERNAL_DOMAIN}/dkp/grafana
The output should return a successful HTTP response status:
CODE200
Now you can access the network-restricted cluster’s dashboards and use kubectl to manage its resources from the Management cluster.