Access a Private Kubernetes Cluster from Cloud Shell
A private Google Kubernetes Engine (GKE) cluster with a public master endpoint is a type of VPC-native cluster in which the nodes have only private (internal) IP addresses. Nodes and Pods are therefore isolated from the internet by default, and the public master endpoint is secured with control plane authorized networks. You can also create a private GKE cluster with a private master endpoint. This is mainly used in enterprises that demand high security standards.
In this post, we are going to see how the private Kubernetes cluster's public master endpoint can be accessed via a kubectl-bastion host. Most importantly, we will see how Cloud Shell can access this private Kubernetes cluster master via the kubectl-bastion host to perform administrative tasks.
Setup & Configuration of Kubectl-bastion:
After you have configured Cloud NAT and Cloud IAP (Identity-Aware Proxy) for your private Compute Engine instances, spin up a private Compute Engine instance with a Linux OS such as Ubuntu. Let's call this server "kubectl-bastion". Now proceed with the installation steps below.
Install kubectl
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
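An added example, not part of the original post: the same download wrapped in a checksum check, so the bastion only installs a kubectl binary whose SHA-256 matches the kubectl.sha256 file published next to it on dl.k8s.io. The function names and the /usr/local/bin install path are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example: verify kubectl against its published SHA-256 before installing.

# verify_sha256 FILE CHECKSUM_FILE
# Returns 0 on match, 1 on mismatch, 2 if a file is missing,
# 3 if CHECKSUM_FILE does not contain a well-formed SHA-256 digest.
verify_sha256() {
  local file sumfile expected actual
  file=$1
  sumfile=$2
  [ -f "$file" ] && [ -f "$sumfile" ] || return 2
  # The .sha256 file holds the hex digest; use the first field of line 1.
  expected="$(awk 'NR==1 {print tolower($1)}' "$sumfile")"
  # Reject anything that is not exactly 64 hex characters, for example
  # an HTML error page that curl saved in place of the digest.
  case "$expected" in
    *[!0-9a-f]*|"") return 3 ;;
  esac
  [ "${#expected}" -eq 64 ] || return 3
  actual="$(sha256sum "$file" | awk '{print $1}')"
  [ "$actual" = "$expected" ]
}

# install_kubectl: download, verify, then install.
# Assumes outbound access through Cloud NAT and sudo rights on the bastion.
install_kubectl() {
  local version base tmp
  # -f makes curl fail on HTTP errors instead of saving the error body.
  version="$(curl -fsSL https://dl.k8s.io/release/stable.txt)" || return 1
  base="https://dl.k8s.io/release/${version}/bin/linux/amd64"
  tmp="$(mktemp -d)" || return 1
  curl -fsSL -o "$tmp/kubectl" "$base/kubectl" &&
    curl -fsSL -o "$tmp/kubectl.sha256" "$base/kubectl.sha256" ||
    { rm -rf "$tmp"; return 1; }
  if verify_sha256 "$tmp/kubectl" "$tmp/kubectl.sha256"; then
    # /usr/local/bin is an assumed install location.
    sudo install -o root -g root -m 0755 "$tmp/kubectl" /usr/local/bin/kubectl
  else
    echo "kubectl checksum check failed; not installing" >&2
    rm -rf "$tmp"
    return 1
  fi
  rm -rf "$tmp"
}
```

Run install_kubectl on the kubectl-bastion. Because the digest comes from the same origin as the binary, this check catches truncated or corrupted downloads and saved error pages, not a compromise of the download site itself.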