Access: kubectl (EKS) through warp

Hey there,

I’m wondering if that’s possible to use kubectl with warp.
I mean, we already have warp configured with a cloudflared instance on AWS, so that we can route traffic through the tunnel, to AWS subnet.

Currently I get an error 526 when i try to access to the EKS API.

{ [5 bytes data]
* Connection state changed (MAX_CONCURRENT_STREAMS == 4294967295)!
} [5 bytes data]
< HTTP/2 526 
< proxy-status: Cloudflare-Proxy; error=tls_certificate_error
< cf-team: 0e7b43be0c0000ee6d01a89400000001
< date: Mon, 20 Dec 2021 21:06:19 GMT

I’d like to either provide the CA that I will fetch from AWS or configure an insecure connection on origin side.

Note that I already managed to setup kubecl using this doc, with a websocket proxy but I not really fan of it, it requires many tricks and we’d like to provide a smooth experience to our developers.

Your help would be welcome :slight_smile:

My config file on cloudflared side is really simple:

tunnel: 49bd7529-c681-4f53-xxxx
credentials-file: /etc/cloudflared/49bd7529-c681-4f53-xxx.json
warp-routing:
  enabled: true

And I’m able to connect to instances located on AWS side if you’re wondering if there’s a network connectivity issue.

Well it seems that using this solution did the trick.
But if you have a better solution, that’d be cool :slight_smile: