HTTPS Tunnelling with SSH for Private ROSA Access
Feb 15, 2024
I have a Red Hat OpenShift on AWS (ROSA) cluster running on a private subnet. The cluster's internet access goes back to the local data center through the VPN connection and the transit gateway.
When the cluster is up, how do we access it?
OC Command Line Access
The oc command line is accessed through the cluster's bastion node. The bastion node is only exposed to the local data center. We have to reach it through the VM hosted on the KVM host, which is the only machine with a public Internet IP.
So we need to hop twice to reach the EC2 bastion node:
ssh -J user@kvmhost,ubuntu@192.168.10.99 ec2-user@10.226.0.221
Then we can perform the oc command line activities.
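The same double hop can be kept in ~/.ssh/config so that one short command reaches the bastion. This is an added example, not part of the original post: the Host aliases (kvmhost-jump, dc-vm, rosa-bastion) are made-up names, while the users and addresses are the ones from the ssh -J command above.

```sshconfig
# Added example. The Host aliases are hypothetical; users and addresses
# are taken from the ssh -J command in the post.

# Hop 1: the KVM host, the only machine with a public Internet IP
Host kvmhost-jump
    HostName kvmhost
    User user

# Hop 2: the VM in the local data center, reached through the KVM host
Host dc-vm
    HostName 192.168.10.99
    User ubuntu
    ProxyJump kvmhost-jump

# Target: the EC2 bastion node in the private ROSA subnet
Host rosa-bastion
    HostName 10.226.0.221
    User ec2-user
    ProxyJump dc-vm

# ProxyJump authenticates to every hop from the local machine, so private
# keys and the agent do not have to be present on the intermediate hosts.
Host kvmhost-jump dc-vm rosa-bastion
    ForwardAgent no
    ServerAliveInterval 30
```

With this in place, `ssh rosa-bastion` takes the same path as the -J command.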
Web Console Access — Port Forwarding
Get the console URL,
$ oc -n openshift-console get route
NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD
console…