TLDR; This project simplifies exposing Kubernetes services to the internet easily and securely using Cloudflare Tunnel.
To use the Cloudflare Tunnel Ingress Controller, you need to have a Cloudflare account and a domain configured on Cloudflare. You also need to create a Cloudflare API token with the following permissions: Zone:Zone:Read
, Zone:DNS:Edit
, and Account:Cloudflare Tunnel:Edit
.
Additionally, you need to fetch the Account ID from the Cloudflare dashboard.
Finally, you need to have a Kubernetes cluster with public Internet access.
Take a look on this video to see how smoothly and easily it works:
Want to DIY? The following instructions would help your bootstrap a minikube Kubernetes Cluster, then expose the Kubernetes Dashboard to the internet via Cloudflare Tunnel Ingress Controller.
Zone:Zone:Read
Zone:DNS:Edit
Account:Cloudflare Tunnel:Edit
minikube start
helm repo add strrl.dev https://helm.strrl.dev
helm repo update
helm upgrade --install --wait \
-n cloudflare-tunnel-ingress-controller --create-namespace \
cloudflare-tunnel-ingress-controller \
strrl.dev/cloudflare-tunnel-ingress-controller \
--set=cloudflare.apiToken="<cloudflare-api-token>",cloudflare.accountId="<cloudflare-account-id>",cloudflare.tunnelName="<your-favorite-tunnel-name>"
if the tunnel does not exist, controller will create it for you.
minikube addons enable dashboard
minikube addons enable metrics-server
Ingress
:kubectl -n kubernetes-dashboard \
create ingress dashboard-via-cf-tunnel \
--rule="<your-favorite-domain>/*=kubernetes-dashboard:80"\
--class cloudflare-tunnel
for example, I would use
dash.strrl.cloud
as my favorite domain here.
There is also an awesome project which could integrate with Cloudflare Tunnel as CRD, check it out adyanth/cloudflare-operator!
Contributions are welcome! If you find a bug or have a feature request, please open an issue or submit a pull request.
This project is licensed under the MIT License. See the LICENSE file for details.