Cloudflare Zero Trust with kubectl


I am looking for a solution to establish a connection from a local machine to a private GKE cluster in GCP, and I would like to utilize Cloudflare’s Zero Trust features in order to connect to the cluster through the WARP client.

I have attempted to follow the instructions provided in this guide:

“kubectl with Zero Trust” blog post on the Cloudflare blog.

The article contains deprecated Terraform resources, so I tried to set it up manually.

My current situation now is this:

  • I created a Cloudflare tunnel.
  • Deployed the cloudflare/cloudflare-tunnel Helm chart in my cluster.
  • I can see that the status of the tunnel is healthy.
  • I have a route to the CIDR of the private network.
  • My WARP client is connected to the team.

What could be missing? Does anyone have experience with this and can suggest a solution?