Advanced Usage¶
This guide covers advanced kubefwd scenarios and configurations.
Multiple Namespaces¶
Forward services from multiple namespaces simultaneously:
Namespace Hostname Resolution¶
When forwarding from multiple namespaces, hostnames are qualified to avoid conflicts:
| Namespace Index | Hostname Pattern |
|---|---|
| First namespace | service-name |
| Additional namespaces | service-name.namespace |
Example with -n frontend,backend:
- api (from frontend)
- api.backend (from backend)
All Namespaces¶
Forward every service in the cluster:
Caution: This can forward hundreds of services. Use with label selectors to filter:
Multiple Clusters¶
Forward services from different Kubernetes clusters:
Cluster Hostname Resolution¶
Services from additional clusters get context-qualified names:
| Cluster Index | Hostname Pattern |
|---|---|
| First cluster | service-name |
| Additional clusters | service-name.context-name |
Cross-Cluster Development¶
Forward production dependencies while developing locally:
sudo -E kubefwd svc -n production -x prod-cluster -l type=database --tui
# Or combine namespaces across clusters:
sudo -E kubefwd svc -n production,development -x prod-cluster,dev-cluster --tui
Selectors¶
Label Selectors¶
kubefwd uses the same selector syntax as kubectl:
# Equality-based
sudo -E kubefwd svc -n default -l app=nginx --tui
sudo -E kubefwd svc -n default -l app==nginx --tui # Same as above
sudo -E kubefwd svc -n default -l app!=nginx --tui # Exclude
# Set-based
sudo -E kubefwd svc -n default -l "app in (api, web, worker)" --tui
sudo -E kubefwd svc -n default -l "tier notin (frontend)" --tui
sudo -E kubefwd svc -n default -l "environment" --tui # Has label
sudo -E kubefwd svc -n default -l "!canary" --tui # Doesn't have label
# Multiple requirements (AND logic)
sudo -E kubefwd svc -n default -l app=api,version=v2,team=platform --tui
Field Selectors¶
Filter by service metadata:
# Forward single service
sudo -E kubefwd svc -n default -f metadata.name=my-service --tui
# Exclude services
sudo -E kubefwd svc -n default -f metadata.name!=internal-only --tui
Combining Selectors¶
Use both label and field selectors together:
Port Mapping¶
Remap service ports to different local ports.
Basic Mapping¶
Multiple Mappings¶
Use Cases¶
- Privileged ports: Map port 80 to 8080 when you can't bind to low ports
- Conflict avoidance: When local services use the same ports
- Tool compatibility: Some tools expect specific port numbers
Headless Services¶
kubefwd handles headless services (ClusterIP: None) differently:
Normal Services¶
- Forward to the first available pod
- Single hostname:
service-name
Headless Services¶
- Forward to ALL pods backing the service
- Multiple hostnames:
service-name→ first podpod-name.service-name→ specific pods
Example for a headless service with 3 pods:
This is useful for: - StatefulSets (e.g., database clusters) - Services requiring pod-specific addressing
Docker Integration¶
Run kubefwd inside Docker for isolated environments.
Basic Docker Usage¶
docker run -it --rm --privileged \
--name kubefwd \
-v "$HOME/.kube:/root/.kube:ro" \
txn2/kubefwd services -n my-namespace --tui
Access Forwarded Services¶
From another container on the same network:
# Start kubefwd container
docker run -d --rm --privileged \
--name kubefwd \
--network my-network \
-v "$HOME/.kube:/root/.kube:ro" \
txn2/kubefwd services -n my-namespace
# Access services from another container
docker run --rm --network my-network \
curlimages/curl curl http://kubefwd:8080
Docker Compose Integration¶
version: '3.8'
services:
kubefwd:
image: txn2/kubefwd
privileged: true
volumes:
- ~/.kube:/root/.kube:ro
command: services -n development
networks:
- app-network
my-app:
build: .
depends_on:
- kubefwd
networks:
- app-network
# Access cluster services through kubefwd container
networks:
app-network:
Ubuntu vs Alpine Images¶
Two image variants are available:
txn2/kubefwdortxn2/kubefwd:latest- Alpine-based (smaller)txn2/kubefwd:ubuntu- Ubuntu-based (more tools available)
IP Reservation¶
Command Line Reservations¶
Configuration File¶
Create fwdconf.yml:
reservations:
- service: api
namespace: default
ip: 127.3.3.1
- service: database
namespace: default
ip: 127.3.3.2
- service: cache
namespace: production
ip: 127.3.3.3
Use the config:
Why Reserve IPs?¶
- Consistent configuration: Applications expecting specific IPs
- Firewall rules: When local firewall rules reference specific IPs
- Testing: Reproduce specific network conditions
- Documentation: Known IPs for team documentation
Custom Domain Suffix¶
Add a domain suffix to all generated hostnames:
Hostnames become:
- my-service.svc.cluster.local
- another-service.svc.cluster.local
Both the short name (my-service) and full name (my-service.svc.cluster.local) will work.
Custom Hosts File Path¶
For testing or containerized environments:
Scripting and Automation¶
Non-Interactive Mode¶
For CI/CD or background processes, omit --tui:
sudo -E kubefwd svc -n testing -l app=test &
KUBEFWD_PID=$!
# Run your tests
npm test
# Cleanup
kill $KUBEFWD_PID
Health Checking¶
Check if kubefwd is working:
# Start kubefwd
sudo -E kubefwd svc -n default &
# Wait for services
sleep 10
# Check a service
curl -sf http://my-service:8080/health || exit 1
Timeout Configuration¶
For long-running test suites:
Integration Patterns¶
With Tilt¶
Add to your Tiltfile:
With Skaffold¶
In skaffold.yaml:
portForward:
# Let kubefwd handle port forwarding instead
- resourceType: service
resourceName: my-service
port: 8080
localPort: 8080
Then run kubefwd separately for bulk forwarding.
With Telepresence¶
kubefwd can complement Telepresence for different use cases: - Use Telepresence for intercepting traffic to your service - Use kubefwd for accessing other cluster services