How to use Checkly with Inlets tunnel for monitoring on-prem services
In this tutorial, I want to show you how to use inlets tunnel with Checkly.
The idea behind this, is to show how to we can use inlets to create tunnel from our on-premise to use a pure SaaS solution like Checkly to monitor the on-prem application
You can create a free account and start creating cool API and Browser Checks. You can run your checks from over 20 locations worldwide. It has great CI / CD integrations and much more under the hood.
You should go and check it out.
For anyone not familiar with inlets. It's a project from Alex Ellis, a CNCF Ambassador and the Founder of OpenFaaS.
Cloud Native Tunnel You can use inlets to connect HTTP and TCP services between networks securely. Through an encrypted websocket, inlets can penetrate firewalls, NAT, captive portals, and other restrictive networks lowering the barrier to entry.
VPNs traditionally require up-front configuration like subnet assignment and ports to be opened in firewalls. A tunnel with inlets can provide an easy-to-use, low-maintenance alternative to VPNs and other site-to-site networking solutions.
We're going to use
Task here to quickly spin up the necessary tools.
Task is a task runner / build tool that aims to be simpler and easier to use than, for example, GNU Make.
Since it’s written in Go, Task is just a single binary and has no other dependencies, which means you don’t need to mess with any complicated install setups just to use a build tool.
Check the installation for more installation options. Here I use brew.
brew install go-task/tap/go-task
Mock the on-prem service.
k8s-init-sock-shop installs the Weaveworks Sock Shop to mock an application running on-prem. I install it on a k3s via
desc: install the sock shop
- kubectl get nodes
- kubectl apply -f https://raw.githubusercontent.com/microservices-demo/microservices-demo/master/deploy/kubernetes/complete-demo.yaml
- kubectl apply -f socks-ingress.yaml
Rancher Desktop, as it is k3s, has traefik ingress controller inbouild. So we just need to deploy the ingress resource.
To deploy the default task, which is a composition of:
- task: init-checkly
- task: k8s-init-sock-shop
- task: inlets-operator
- task: checkly-terraform
We deploy inlets via the inlets-operator on our kubernetes cluster. As an exit-node provider, we are going to use scaleway for this.
Genereate the API key, as we going to pass them to the
inlets-operator via parameter.
desc: install the inlets operator
- kubectl apply -f https://raw.githubusercontent.com/inlets/inlets-operator/master/artifacts/crds/inlets.inlets.dev_tunnels.yaml
- helm repo add inlets https://inlets.github.io/inlets-operator/
- helm repo update
- kubectl create secret generic inlets-access-key --from-literal inlets-access-key=$ACCESS_KEY
- kubectl create secret generic inlets-secret-key --from-literal inlets-secret-key=$SECRET_KEY
- helm upgrade inlets-operator --install inlets/inlets-operator --set provider=scaleway,region=nl-ams-1 --set secretKeyFile=/var/secrets/inlets/secret/inlets-secret-key --set organizationID=$ORGANISATION_ID --set inletsProLicense=$LICENSE
To define our Checkly checks, we are using the checkly
terraform provider. So change the
terraform.tfvars in the
checkly-tf folder and put
the checkly API key into it.
Or use the task:
If everything goes well, you should see following checks on the Checkly Dashboard:
In this example i created a API check and a browser check.
Check the great docs for more details on Checkly.
to remove all checks and delete the exit node and the operator.
Le code -> github.com/dirien/checkly-inlets