Securely exposing an application on a private ROSA cluster with an AWS Network Load Balancer - Jump Host
This content is authored by Red Hat experts, but has not yet been tested on every supported configuration.
Continuation of Securely exposing an application on a private ROSA cluster with an AWS Network Load Balancer
These instructions go through setting up a jump host to connect to the private ROSA cluster.
Note: the guide assumes you have set environment variables as described in the parent guide.
Create a jumphost instance using the AWS CLI
Create an additional Security Group for the jumphost
Grab the Security Group Id generated in the previous step
Add a rule to allow SSH into the Public Security Group
(Optional) Create a Key Pair for your jumphost if you do not already have one
Define an AMI_ID to be used for your jump host
This AMI_ID corresponds to an Amazon Linux image in the us-east-1 region and might not be available in your region. Find the AMI ID for your region and use that ID instead.
Launch an EC2 instance for your jumphost using the parameters defined in the earlier steps:
This instance will be associated with a Public IP directly.
- Wait until the EC2 instance is in the Running state, grab the Public IP associated with the instance and check if the ssh port and:
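The jump host steps above, sketched as one script (an added example, not the guide's own commands). The variable names VPC_ID, PUBLIC_SUBNET, KEY_NAME and ADMIN_CIDR, the group name jumphost-sg and the t3.micro instance type are assumptions; the source-CIDR check on the SSH rule is an added hardening step.

```shell
#!/usr/bin/env bash
# Added example. Assumed inputs (not from the guide): VPC_ID, PUBLIC_SUBNET,
# KEY_NAME, ADMIN_CIDR. AMI_ID is the variable the guide defines.

# Shape check for the SSH rule source: IPv4 CIDR with a prefix of /1 to /32.
# A /0 prefix (any address) and non-IPv4 input are refused, so the jump
# host's port 22 is never opened to the whole internet by accident.
valid_ssh_source() {
  printf '%s' "$1" |
    grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/(3[0-2]|[12][0-9]|[1-9])$'
}

# Creates the security group, the SSH rule and the instance, waits for the
# Running state, then prints the instance's public IP.
create_jumphost() {
  valid_ssh_source "$ADMIN_CIDR" || {
    echo "ADMIN_CIDR must be a specific IPv4 CIDR, not /0" >&2
    return 1
  }
  # Additional security group for the jump host; capture its id.
  sg_id=$(aws ec2 create-security-group --group-name jumphost-sg \
    --description "SSH to jump host" --vpc-id "$VPC_ID" \
    --query GroupId --output text) || return 1
  # Allow SSH only from the administrator's address range.
  aws ec2 authorize-security-group-ingress --group-id "$sg_id" \
    --protocol tcp --port 22 --cidr "$ADMIN_CIDR" >/dev/null || return 1
  # Launch the instance in a public subnet with a public IP attached.
  instance_id=$(aws ec2 run-instances --image-id "$AMI_ID" --count 1 \
    --instance-type t3.micro --key-name "$KEY_NAME" \
    --security-group-ids "$sg_id" --subnet-id "$PUBLIC_SUBNET" \
    --associate-public-ip-address \
    --query 'Instances[0].InstanceId' --output text) || return 1
  aws ec2 wait instance-running --instance-ids "$instance_id" || return 1
  aws ec2 describe-instances --instance-ids "$instance_id" \
    --query 'Reservations[0].Instances[0].PublicIpAddress' --output text
}

# Only touches AWS when invoked as: bash jumphost.sh run
if [ "${1:-}" = "run" ]; then
  create_jumphost
fi
```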
Test the jumphost connectivity to the cluster
Open a new terminal tab and set the IpPublicBastion environment variable. Through the rest of the tutorial, use the SSH session you are going to open to run all 'oc' commands. The AWS CLI commands will need various environment variables to be set.
While in the EC2 instance, create and install the oc cli
Environment Variables
Copy the following environment variables and values from your workstation to the jump box
- CERT_NAME
- INGRESS_NAME
- DOMAIN
- SCOPE