Facelift Kurun for Kubernetes event tunneling


Kurun is a multi-tool to help Kubernetes developers. We can summarize one of its features in a short sentence: just like go run main.go but executed inside Kubernetes with one command. By Sándor Lovász.

Ideally, the operator runs inside the cluster, so the admission controllers send the admission requests to the operator directly. However, during development, it is more practical to keep your operator on your local machine (for debugging and other reasons), but unfortunately, admission controllers cannot access your operator this way. Applications running inside Kubernetes usually cannot open connections to your local workstation, partly for security reasons, but mostly because of IPv4 NAT.

Proxying requests through a WebSocket tunnel might seem easy, but it's trickier than you think. By design, WebSockets handle bidirectional traffic without state. Hence, when you want to proxy HTTP calls over WebSockets, you have two options. One is to create a new WebSocket connection for every single request, which is trivial but not efficient.

The article then guides the reader through a step-by-step example configuration with a sample application to try out the kurun port-forward feature in a sandbox environment. The complexity of the example might be frightening for beginners, but starting to develop webhook-based applications will make you familiar with all the things above. We think kurun is a useful developer tool, which we actively use in everyday work. We hope it will also make your work easier as a Kubernetes developer. Good read!
