tanzu egress

Create, view, update, and delete EgressPoints on Tanzu Spaces. See About egress in the Tanzu Platform for Kubernetes documentation.

Prerequisites

  • A Space that:
    • Is in a cluster that has egress-capability v1.2 or later installed
    • Has been specified for Tanzu CLI operations with the tanzu space use command

Usage

CLI plugin: egress | Target: global | Primarily used for: Platform operations | Release Notes

  tanzu egress [command]

Commands

  create  Create an EgressPoint resource.
  delete  Delete an EgressPoint resource.
  get     Get the details of an EgressPoint resource.
  list    List all existing EgressPoint resources.
  update  Update an existing EgressPoint

tanzu egress create

Create an EgressPoint resource in the current Space.

Usage

  tanzu egress create EP-NAME [FLAGS]

Flags

  --host      Destination host to enable egress traffic to.
  --port      Destination port to enable egress traffic to.
  --protocol  Protocol for egress traffic. Supported values are HTTP, HTTPS, TCP, and TLS.
  --sourceRef App resources of specified types that can originate egress traffic, following the format `apps:[ContainerApp|Deployment]:[name]`.
              Supported types are Deployment and ContainerApp.

Notes:

  • Some parameter combinations are incompatible; see EgressPoint API Reference for more information.
  • You can only specify one target host, port, and protocol. You cannot pass flags in multiple times or set their values to comma-separated lists.
    • To create an EgressPoint with multiple targets, use kubectl to apply its YAML file spec or use the Tanzu Platform UI, as described in Manage egress rules.

Examples

Create an EgressPoint ep-vmware that enables HTTPS access to port 443 of machines hosted under vmware.com:

tanzu egress create ep-vmware --host vmware.com --port 443 --protocol HTTPS

EgressPoint ep-vmware created.

Create an EgressPoint ep-for-app that gives the ContainerApp named my-app HTTPS access to port 443 of machines hosted under vmware.com.

tanzu egress create ep-for-app --host vmware.com --port 443 --protocol HTTPS --sourceRef apps:ContainerApp:my-app

tanzu egress get

Print the details of an EgressPoint in the current Space:

Usage

  tanzu egress get EP-NAME

Example

tanzu egress get ep-vmware

  NAME       PORT  PROTOCOL  HOST        SOURCE REF
  ep-vmware  443   HTTPS     vmware.com

tanzu egress list

List all existing EgressPoints in the current Space:

Usage

  tanzu egress list

Example

tanzu egress list

  NAME            PORT  PROTOCOL  HOST        SOURCE REF
  ep-vmware       443   HTTPS     vmware.com
  ep-vmware-http  80    HTTP      vmware.com

tanzu egress delete

Delete an EgressPoint from the current Space:

Usage

  tanzu egress delete EP-NAME

Example

tanzu egress delete ep-vmware

Deleted EgressPoint 'ep-vmware-http'

tanzu egress update

Update an EgressPoint from the current Space.

Usage

  tanzu egress update EP-NAME [FLAGS]

Flags

  --host      Destination host to enable egress traffic to.
  --port      Destination port to enable egress traffic to.
  --protocol  Protocol for egress traffic. Supported values are HTTP, HTTPS, TCP, and TLS.
  --sourceRef App resources of specified types that can originate egress traffic, following the format apps:[ContainerApp|Deployment]:[name].
              Supported types are Deployment and ContainerApp.

Example

tanzu egress update ep-vmware --host broadcom.com

EgressPoint ep-vmware-http updated.

Troubleshooting

“client did not initialize”

The Tanzu CLI lacks access to the current Space.

Try some basic tanzu space against the Space to verify access.

“failed to configure a required param:”

Please file a support ticket describing the steps that you took before encountering this bug.

“failed to parse port flag” / “A valid integer is required”

Only integers are accepted for port.

Ensure you use a whole number for this flag and not floats such as 80. or 80.0.

“failed to parse sourceRef” / "A valid sourceRef must have exactly two ‘:’

Ensure that you have formatted your sourceRef value as described above.

“could not find” / “check if it exists”

tanzu egress delete and tanzu egress get fail when an EgressPoint does not exist.

Run tanzu egress list to check the spelling of the EgressPoint name.

“failed to update EgressPoint” / “has no targets to update”

tanzu egress update fails when attempting to update an EgressPoint with no targets (i.e. an empty egress point).

Delete the EgressPoint and recreate it with at least one target before using the update command on it.

“update does not support modifying EgressPoints with multiple targets - instead edit and apply the yaml file” / “update does not support modifying EgressPoints with multiple hosts - instead edit and apply the yaml file”

tanzu egress update fails when attempting to update an EgressPoint with multiple hosts. The CLI does not support updating EgressPoint objects with multiple hosts or because it cannot disambiguate their ordering.

Update the EgressPoint by using kubectl to edit and apply its YAML file spec.

“could not update egress point - input validation has failed, see the docs to ensure values are valid”

tanzu egress update fails when inputs are not valid.

See EgressPoint API Reference for more information on valid hosts, ports, sourceRef and protocols.

check-circle-line exclamation-circle-line close-line
Scroll to top icon