Kops: Exposing additional ports on bastion host.

Created on 27 Nov 2017  路  7Comments  路  Source: kubernetes/kops

I would like to setup OpenVPN server on the bastion host to securely access my network with private topology, unfortunately it seems that only port 22 is allowed (although with custom CIDR subnets).

Is it possible to add custom security groups to ELB and instance to support any TCP/UDP traffic?

lifecyclrotten
Source
picture thereallukl
👍5

All 7 comments

Did you tried with additionalSecurityGroups for InstanceGroupSpec ?
https://github.com/kubernetes/kops/blob/4e284e9966298b082d7b1b1468b83b14ccd4d541/pkg/apis/kops/v1alpha2/instancegroup.go#L90

krogon-dp picture krogon-dp on 2 Feb 2018
👎1

Can we close this?

chrislovecnm picture chrislovecnm on 8 Feb 2018
👎1

Unfortunately additionalSecurityGroups is attaching SG to instance instead of bastion's LB. I can simply bypass LB and connect directly to bastion, but in this case what's the point of LB in front of it?

thereallukl picture thereallukl on 6 Mar 2018
👍1

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 24 Aug 2018

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten

fejta-bot picture fejta-bot on 23 Sep 2018

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

fejta-bot picture fejta-bot on 23 Oct 2018

@fejta-bot: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

k8s-ci-robot picture k8s-ci-robot on 23 Oct 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

lnformer picture lnformer  路  3Comments
RXminuS picture RXminuS  路  5Comments
minasys picture minasys  路  3Comments
endejoli picture endejoli  路  4Comments
yetanotherchris picture yetanotherchris  路  3Comments