Proxy Forwarding

Proxy forwarding routes traffic through your Kubernetes cluster to reach services that aren't directly accessible from your local machine.

Basic proxy configuration

{
  "service": "kftray-server",
  "workload_type": "proxy",
  "remote_address": "internal-api.company.com:443",
  "local_port": 8443,
  "remote_port": 8080,
  "context": "prod-cluster",
  "alias": "Internal API via Proxy"
}

This forwards localhost:8443 through the kftray-server proxy pod to internal-api.company.com:443. Traffic flows: your machine → kftray-server pod → target service.

The kftray-server proxy component

kftray-server is a lightweight proxy pod that runs in your Kubernetes cluster. It receives traffic from your local port forward and routes it to the remote_address target.

The proxy component is required for:

• UDP port forwarding
• Accessing services outside the cluster from within cluster network context
• Reaching internal corporate services through cluster network policies
• Bypassing IP allowlist restrictions using cluster egress IPs

kftray automatically deploys the proxy pod when you create a proxy-type forward. The pod runs in the same namespace as your target service.

Use cases

Internal corporate APIs

{
  "service": "kftray-server",
  "workload_type": "proxy",
  "remote_address": "hr-api.internal.company.com:8080",
  "local_port": 9000,
  "remote_port": 8080,
  "context": "corp-cluster",
  "namespace": "default"
}

Access internal APIs that are only reachable from within your corporate network. The cluster's network context provides access even when your local machine is outside the VPN.

Cloud services with IP restrictions

{
  "service": "kftray-server",
  "workload_type": "proxy",
  "remote_address": "restricted-api.cloud-provider.com:443",
  "local_port": 8443,
  "remote_port": 8080,
  "context": "prod-cluster",
  "namespace": "production"
}

Reach cloud services that allowlist your cluster's egress IPs but not your local IP. Traffic appears to originate from the cluster, satisfying IP restrictions.