K
Q

SSH to Kubernetes pod using Bastion

2/6/2019

I have deployed Google cloud Kubernetes cluster. The cluster has internal IP only.

In order to access it, I created a virtual machine bastion-1 which has external IP.

The structure:

My Machine -> bastion-1 -> Kubernetes cluster

The connection to the proxy station:

$ ssh bastion -D 1080

now using kubectl using proxy:

$ HTTPS_PROXY=socks5://127.0.0.1:1080 kubectl get pods
No resources found.

The Kubernetes master server is responding, which is a good sign.

Now, trying to ssh a pod:

$ HTTPS_PROXY=socks5://127.0.0.1:1080 kubectl exec -it "my-pod" -- /bin/bash
error: error sending request: Post https://xxx.xxx.xxx.xxx/api/v1/namespaces/xxx/pods/pod-xxx/exec?command=%2Fbin%2Fbash&container=xxx&container=xxx&stdin=true&stdout=true&tty=true: EOF

Question: How to allow ssh connection to pod via bastion? What I'm doing wrong?

-- No1Lives4Ever
google-kubernetes-engine
kubectl
kubernetes

Similar Questions

Use ingress with GCS bucket as a backend
Using externalIP as a service in kubernetes for on premise with network load balancer
kubernetes localhost:8080 was refused with context
Pod with multiple images
Can you avoid the pod to be restarted after kubectl attach?

1 Answer

2/6/2019

You can't do this right now.

The reason is because the connections used for commands like exec and proxy use SPDY2.

There's a bug report here with more information.

You'll have to switch to using a HTTP proxy

-- jaxxstorm
Source: StackOverflow