Forward a local port to an unexposed instance through an intermediate TLS
tunnel service.
When you need to access an instance on Unikraft Cloud which is not
publicly exposed to the internet, you can use the
kraft cloud tunnel subcommand to forward from a local port to a
port which the instance listens on.
The kraft cloud tunnel subcommand creates a secure tunnel
between your local machine and the private instance(s). The tunnel is
created using an intermediate TLS tunnel service which is another instance
running as a sidecar along with the target instance in the same private
network. The tunnel service listens on a publicly exposed port on the
cloud and forwards the traffic to the private instance.
When you run the kraft cloud tunnel subcommand, you specify the
local port to forward, the private instance to connect to, and the port on
the private instance to connect to.
It is also possible to customize the remote port which the tunnel service
exposes and the command-and-control port used by the tunnel service. By
default, the remote port is 4444 and the command-and-control
port is 4443.