I have created a private cluster on GKE and a NAT is configured along with the cluster. I also have a bastion set up to access the private cluster.
I’m trying to SSH into one of the nodes and am unable to do so since private nodes do not have an external IP.
Is there any way in which I can do this?
Cluster information:
Kubernetes version: 1.13.11-gke.14
Cloud being used: GKE
Host OS: Ubuntu
Have you tried port forwarding from the host? Otherwise I think you would have to expose SSH on the Ubuntu host that would allow you to ssh to the node.
Can you ssh from the Bastion host into any nodes in the cluster? (Both have private IPs). If not, you should fix that first.
You could use a cloud-based SSH Remote Access solution like SocketXP to SSH into your private Kubernetes Cluster nodes and pods.
The way it works is: you need to install and run the SocketXP SSH Agent, which functions like a Bastion Host. Also, the SocketXP SSH Agent would create a secure SSL/TLS encrypted reverse proxy tunnel to the SocketXP Cloud Gateway.
Thereafter you could SSH into your node or pod from the SocketXP Cloud Gateway using your SSO and SSH login credentials. This way the cluster remains private and could be accessed only by you [and your team members to whom you give permission to access, via the SocketXP Cloud Gateway Dashboard].
More information can be found here:
https://www.socketxp.com/docs/guide/kubernetes-worker-node-remote-ssh-access.html