k2d
Support for kubectl port-forward
Kubectl port-forward is a useful troubleshooting tool, and it relies on no additional software or services to run. All traffic is routed over HTTPS to the kube API.
From the docs:
_The kubectl port-forward command is a client-side operation in Kubernetes. It establishes a connection directly from your local machine (the client) to a pod in the cluster, allowing you to access services running inside the cluster on specific ports, without requiring external access or load balancers.
Here's a breakdown of how it works:
Client-Side Connection: When you use kubectl port-forward, your local kubectl client sets up a local listener (e.g., on port 8080) and forwards traffic from this port to a specified port on a Kubernetes pod. This process only requires access to the Kubernetes API and does not depend on any server-side software or configuration in the cluster.
API Server Relay: The kubectl client communicates with the Kubernetes API server over HTTPS, establishing a WebSocket connection. The API server then uses this connection to forward traffic to the specified pod. This is why you only need access to the Kubernetes API (not directly to the pod) for port forwarding to work.
Pod Access: The API server redirects traffic to the specified pod, effectively relaying data between your local machine and the pod’s container, providing a direct link.
Firewall and Networking Considerations: Since the kubectl port-forward operation relies on the API server’s network permissions, as long as you can reach the API server, you can use kubectl port-forward without additional networking configuration, making it useful for accessing services that aren't exposed externally._
So in order for k2d to support this, our API endpoint would need to support elevating the connection to a websocket connection.
This is a worthwhile addition to k2d.
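The upgrade step described in this request, as an added example in Go that is not k2d code: it recognises the Kubernetes pod `portforward` subresource path and validates a WebSocket opening handshake per RFC 6455, returning the status and `Sec-WebSocket-Accept` value the endpoint would answer with. The function names and the `k2d.example` host are assumptions made for illustration.

```go
package main

import (
	"crypto/sha1"
	"encoding/base64"
	"fmt"
	"net/http"
	"strings"
)

// PortForwardTarget parses /api/v1/namespaces/{ns}/pods/{pod}/portforward.
func PortForwardTarget(path string) (ns, pod string, ok bool) {
	p := strings.Split(strings.Trim(path, "/"), "/")
	if len(p) != 7 || p[0] != "api" || p[1] != "v1" || p[2] != "namespaces" ||
		p[3] == "" || p[4] != "pods" || p[5] == "" || p[6] != "portforward" {
		return "", "", false
	}
	return p[3], p[5], true
}

// hasToken reports whether a comma-separated header value contains token,
// case-insensitively (clients may send "Connection: keep-alive, Upgrade").
func hasToken(value, token string) bool {
	for _, t := range strings.Split(value, ",") {
		if strings.EqualFold(strings.TrimSpace(t), token) {
			return true
		}
	}
	return false
}

// Handshake returns the HTTP status and, on 101, the Sec-WebSocket-Accept value.
func Handshake(r *http.Request) (int, string) {
	if _, _, ok := PortForwardTarget(r.URL.Path); !ok {
		return http.StatusNotFound, ""
	}
	key := r.Header.Get("Sec-WebSocket-Key")
	if r.Method != http.MethodGet || key == "" || r.Header.Get("Sec-WebSocket-Version") != "13" ||
		!hasToken(r.Header.Get("Connection"), "upgrade") || !hasToken(r.Header.Get("Upgrade"), "websocket") {
		return http.StatusBadRequest, ""
	}
	sum := sha1.Sum([]byte(key + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11")) // GUID fixed by RFC 6455
	return http.StatusSwitchingProtocols, base64.StdEncoding.EncodeToString(sum[:])
}

func main() {
	r, _ := http.NewRequest("GET", "https://k2d.example/api/v1/namespaces/default/pods/web/portforward", nil) // constructed sample
	r.Header = http.Header{"Connection": {"keep-alive, Upgrade"}, "Upgrade": {"websocket"}, "Sec-Websocket-Version": {"13"}, "Sec-Websocket-Key": {"dGhlIHNhbXBsZSBub25jZQ=="}}
	fmt.Println(Handshake(r))
}
```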