Skip to content

MEIER-330: Fix tunnel ingress to use localhost sidecar#84

Merged
andymeierdev merged 1 commit intomainfrom
andymeierdev/MEIER-330/fix-tunnel-localhost-sidecar
Mar 24, 2026
Merged

MEIER-330: Fix tunnel ingress to use localhost sidecar#84
andymeierdev merged 1 commit intomainfrom
andymeierdev/MEIER-330/fix-tunnel-localhost-sidecar

Conversation

@andymeierdev
Copy link
Copy Markdown
Collaborator

@andymeierdev andymeierdev commented Mar 24, 2026

Summary

Fixes 502 Bad Gateway on andymeier.dev by changing the Cloudflare tunnel ingress from the Kubernetes service FQDN to localhost:5000.

Problem

The tunnel config was routing andymeier.dev to http://app.andymeier.svc.cluster.local:80, going through Kubernetes service DNS. Since cloudflared runs as a sidecar in the same pod as the app, this unnecessary hop through the cluster service was failing — requests from Cloudflare edge never reached the cloudflared connector despite 4 registered tunnel connections.

Fix

Changed the tunnel ingress service from:

http://app.andymeier.svc.cluster.local:80

to:

http://localhost:5000

Since cloudflared and the app share the same pod network namespace, localhost:5000 reaches the app directly — no DNS resolution or service routing needed.

Validation

  • npm run check passes
  • Port-forwarding to the app on localhost:8080 confirmed the app is healthy and serving responses

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 24, 2026

🍹 preview on andymeier/prod

Pulumi report

View in Pulumi Cloud

  Previewing update (prod)

View Live: https://app.pulumi.com/meiermade/andymeier/prod/previews/4a73695b-30dd-420a-b1bd-545024e5cdb0

pulumi:pulumi:Stack: (same)
  [urn=urn:pulumi:prod::andymeier::pulumi:pulumi:Stack::andymeier-prod]
  ~ docker-build:index:Image: (update)
      [id=sha256:4220b7870863d07b1de96b565c6d5b26306a51590b5d515cb44734e64b92fa6a]
      [urn=urn:pulumi:prod::andymeier::docker-build:index:Image::andymeier]
    ~ context    : {
        ~ location: "C:\\Users\\ameier\\repos\\github\\meiermade\\andymeier\\app" => "/home/runner/work/andymeier/andymeier/app"
      }
    - contextHash: "7f1ae3a8651fe0fd253c79380ddfa14e6e37cc877ce3cf7096043d3a6bf7b66b"
    ~ dockerfile : {
        ~ location: "C:\\Users\\ameier\\repos\\github\\meiermade\\andymeier\\app\\Dockerfile" => "/home/runner/work/andymeier/andymeier/app/Dockerfile"
      }
  ~ kubernetes:apps/v1:Deployment: (update)
      [id=andymeier/app]
      [urn=urn:pulumi:prod::andymeier::kubernetes:apps/v1:Deployment::app]
    ~ spec: {
        ~ template: {
            ~ spec: {
                ~ containers: [
                    ~ [0]: {
                            ~ image: "us-east1-docker.pkg.dev/meiermade-platform/platform/andymeier:latest@sha256:424a1462685bd53268d0aac5b995e6c96cf32c386f840a0271dffa01f364c76e" => [unknown]
                          }
                  ]
              }
          }
      }
Resources:
  ~ 2 to update
  14 unchanged

@andymeierdev andymeierdev merged commit 870f5af into main Mar 24, 2026
2 checks passed
@andymeierdev andymeierdev deleted the andymeierdev/MEIER-330/fix-tunnel-localhost-sidecar branch March 24, 2026 15:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@andymeierdev