Origin: Accessing remote cluster via SOCKS proxy?

Created on 4 Oct 2016  路  6Comments  路  Source: openshift/origin

I'm running a cluster on a private VM that can't be accessed without a SOCKS proxy locally, but there doesn't appear to be an option to connect through a proxy, and I can't see anything in the documentation about this. Is is possible to connect to a remote server over a SOCKS proxy or are there workarounds to deal with this case?

The only way I know how to handle it is to do a LocalForward in my ssh config to the remote 8443 port, but I'd prefer to be able to access it via the same IP that I access the console in the browser.

componenrestapi help wanted kinquestion lifecyclrotten prioritP2
Source
picture jo-sm
👍3

Most helpful comment

You could use an HTTP-to-SOCKS proxy like https://github.com/oyyd/http-proxy-to-socks to proxy http traffic to your SOCKS proxy, for example:

# startup http/s to socks proxy on port 9999
hpts -s yoursocksproxyhost:yoursocksproxyport -p 9999
# set http/s_proxy environment variables
export http_proxy=http://localhost:9999
export https_proxy=http://localhost:9999
# start using oc
oc login your-cluster
picture eidottermihi on 17 May 2019
👍3

All 6 comments

So we don't support SOCKS proxies with oc, only HTTP proxies via the HTTPS_PROXY environment variable. You may be able to do something like this but I did not have luck with it locally. Adding SOCKS proxy support would have to be an upstream PR to k8s.

enj picture enj on 7 Nov 2016

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

openshift-bot picture openshift-bot on 22 Feb 2018

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

openshift-bot picture openshift-bot on 24 Mar 2018

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

openshift-bot picture openshift-bot on 23 Apr 2018

You could use an HTTP-to-SOCKS proxy like https://github.com/oyyd/http-proxy-to-socks to proxy http traffic to your SOCKS proxy, for example:

# startup http/s to socks proxy on port 9999
hpts -s yoursocksproxyhost:yoursocksproxyport -p 9999
# set http/s_proxy environment variables
export http_proxy=http://localhost:9999
export https_proxy=http://localhost:9999
# start using oc
oc login your-cluster
eidottermihi picture eidottermihi on 17 May 2019
👍3

You can use vpn over ssh with sshuttle 

sshuttle -r yourhostip 0.0.0.0/0
nmap your-cluster-ip -p 8443  # check that you can access to your clusterr-ip port  
oc login your-cluster

https://github.com/sshuttle/sshuttle

albertogalan picture albertogalan on 20 Apr 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

thescouser89 picture thescouser89  路  3Comments
akram picture akram  路  3Comments
tnozicka picture tnozicka  路  3Comments
guangxuli picture guangxuli  路  4Comments
surajssd picture surajssd  路  4Comments