We’ve been trying to apply the guidance in https://blog.cloudflare.com/kubectl-with-zero-trust/ and haven’t had any luck yet.
We’re running a private-mode GKE cluster, which until now we’ve controlled access to via IP whitelisting. We’d like to be able to use WARP to control access. We set up a ZT Tunnel as per the guide, including integrating the terraform snippets into our existing configuration. (We did have to make a few minor corrections to the configuration snippets provided, however.)
The result is this: I can warp-cli connect, and now when I kubectl get namespaces I get Unable to connect to the server: net/http: TLS handshake timeout
It’s unclear how to proceed on my end. It’s clear that WARP is doing something because warp-cli connect breaks kubectl and warp-cli disconnect fixes it. As usual, I don’t see much logging information in the cloudflared Pods, but I also don’t see any recognition of traffic in the Teams dashboard.
Any advice would be appreciated.