We are Cloudflare users and we have a use case that does not seem to be covered, but I would like to explain it to you in case it is something realistic.
I want to have a service A, hosted on a Kubernetes cluster A and communicating only over HTTP, be able to send all its calls to a Cloudflare sidecar/service, also on Kubernetes cluster A, responsible for securing the communication (using Cloudflare tunnel maybe?) and acting as a forward proxy to an already Cloudflare-secured service on another Kubernetes cluster.
Service B is already secured using Cloudflare tunnel and we have some UIs used through the Cloudflare Launcher.
So I'm looking for a client-side configuration, for a service, so not web browser authentication, that allows me to take outbound insecure communication, turn it secure, and forward all the traffic to an existing secured Cloudflare tunnel endpoint that is DNS registered.
I know Tailscale is able to do it: https://tailscale.com/blog/kubecon-21