TUN-3978: Unhide teamnet commands and improve their help
This commit is contained in:
parent
27507ab192
commit
f1ca2de515
|
@ -8,7 +8,8 @@
|
||||||
|
|
||||||
### New Features
|
### New Features
|
||||||
|
|
||||||
- none
|
- [Cloudflare One Routing](https://developers.cloudflare.com/cloudflare-one/tutorials/warp-to-tunnel) specific commands
|
||||||
|
now show up in the `cloudflared tunnel route --help` output.
|
||||||
|
|
||||||
### Improvements
|
### Improvements
|
||||||
|
|
||||||
|
|
|
@ -457,14 +457,23 @@ func buildRouteCommand() *cli.Command {
|
||||||
return &cli.Command{
|
return &cli.Command{
|
||||||
Name: "route",
|
Name: "route",
|
||||||
Action: cliutil.ErrorHandler(routeCommand),
|
Action: cliutil.ErrorHandler(routeCommand),
|
||||||
Usage: "Define what hostname or load balancer can route to this tunnel",
|
Usage: "Define which traffic routed from Cloudflare edge to this tunnel: requests to a DNS hostname, to a Cloudflare Load Balancer, or traffic originating from Cloudflare WARP clients",
|
||||||
UsageText: "cloudflared tunnel [tunnel command options] route [subcommand options] dns|lb TUNNEL HOSTNAME [LB-POOL]",
|
UsageText: "cloudflared tunnel [tunnel command options] route [subcommand options] [dns TUNNEL HOSTNAME]|[lb TUNNEL HOSTNAME LB-POOL]|[ip NETWORK TUNNEL]",
|
||||||
Description: `The route defines what hostname or load balancer will proxy requests to this tunnel.
|
Description: `The route command defines how Cloudflare will proxy requests to this tunnel.
|
||||||
|
|
||||||
To route a hostname by creating a CNAME to tunnel's address:
|
To route a hostname by creating a DNS CNAME record to a tunnel:
|
||||||
cloudflared tunnel route dns <tunnel ID> <hostname>
|
cloudflared tunnel route dns <tunnel ID or name> <hostname>
|
||||||
To use this tunnel as a load balancer origin, creating pool and load balancer if necessary:
|
You can read more at: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/routing-to-tunnel/dns
|
||||||
cloudflared tunnel route lb <tunnel ID> <load balancer name> <load balancer pool>`,
|
|
||||||
|
To use this tunnel as a load balancer origin, creating pool and load balancer if necessary:
|
||||||
|
cloudflared tunnel route lb <tunnel ID or name> <hostname> <load balancer pool>
|
||||||
|
You can read more at: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/routing-to-tunnel/lb
|
||||||
|
|
||||||
|
For Cloudflare WARP traffic to be routed to your private network, reachable from this tunnel as origins, use:
|
||||||
|
cloudflared tunnel route ip <network CIDR> <tunnel ID or name>
|
||||||
|
Further information about managing Cloudflare WARP traffic to your tunnel is available at:
|
||||||
|
cloudflared tunnel route ip --help
|
||||||
|
`,
|
||||||
CustomHelpTemplate: commandHelpTemplate(),
|
CustomHelpTemplate: commandHelpTemplate(),
|
||||||
Subcommands: []*cli.Command{
|
Subcommands: []*cli.Command{
|
||||||
buildRouteIPSubcommand(),
|
buildRouteIPSubcommand(),
|
||||||
|
|
|
@ -16,24 +16,23 @@ import (
|
||||||
func buildRouteIPSubcommand() *cli.Command {
|
func buildRouteIPSubcommand() *cli.Command {
|
||||||
return &cli.Command{
|
return &cli.Command{
|
||||||
Name: "ip",
|
Name: "ip",
|
||||||
Category: "Tunnel",
|
Usage: "Configure and query Cloudflare WARP routing to services or private networks available through this tunnel.",
|
||||||
Usage: "Configure and query private routes",
|
|
||||||
UsageText: "cloudflared tunnel [--config FILEPATH] route COMMAND [arguments...]",
|
UsageText: "cloudflared tunnel [--config FILEPATH] route COMMAND [arguments...]",
|
||||||
Hidden: true,
|
Description: `cloudflared can provision private routes from any IP space to origins in your corporate network.
|
||||||
Description: `cloudflared can provision private routes from your private IP space to origins
|
Users enrolled in your Cloudflare for Teams organization can reach those routes through the
|
||||||
in your corporate network. Users enrolled in your Cloudflare for Teams organization can reach
|
Cloudflare WARP client. You can also build rules to determine who can reach certain routes.`,
|
||||||
those routes through the Cloudflare Warp client. You can also build rules to determine who
|
|
||||||
can reach certain routes.
|
|
||||||
`,
|
|
||||||
Subcommands: []*cli.Command{
|
Subcommands: []*cli.Command{
|
||||||
{
|
{
|
||||||
Name: "add",
|
Name: "add",
|
||||||
Action: cliutil.ErrorHandler(addRouteCommand),
|
Action: cliutil.ErrorHandler(addRouteCommand),
|
||||||
Usage: "Add a new Teamnet route to the table",
|
Usage: "Add any new network to the routing table reachable via the tunnel",
|
||||||
UsageText: "cloudflared tunnel [--config FILEPATH] route ip add [CIDR] [TUNNEL] [COMMENT?]",
|
UsageText: "cloudflared tunnel [--config FILEPATH] route ip add [CIDR] [TUNNEL] [COMMENT?]",
|
||||||
Description: `Adds a private route to a CIDR in your private IP space. Requests will
|
Description: `Adds any network route space (represented as a CIDR) to your routing table.
|
||||||
be sent through the Cloudflare Warp client running on a user's machine, proxied
|
That network space becomes reachable for requests egressing from a user's machine
|
||||||
through the specified tunnel, and reach an IP in the given CIDR.`,
|
as long as it is using Cloudflare WARP client and is enrolled in the same account
|
||||||
|
that is running the tunnel chosen here. Further, those requests will be proxied to
|
||||||
|
the specified tunnel, and reach an IP in the given CIDR, as long as that IP is
|
||||||
|
reachable from the tunnel.`,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
Name: "show",
|
Name: "show",
|
||||||
|
@ -41,20 +40,21 @@ func buildRouteIPSubcommand() *cli.Command {
|
||||||
Action: cliutil.ErrorHandler(showRoutesCommand),
|
Action: cliutil.ErrorHandler(showRoutesCommand),
|
||||||
Usage: "Show the routing table",
|
Usage: "Show the routing table",
|
||||||
UsageText: "cloudflared tunnel [--config FILEPATH] route ip show [flags]",
|
UsageText: "cloudflared tunnel [--config FILEPATH] route ip show [flags]",
|
||||||
Description: `Shows your organization's private route table. You can use flags to filter the results.`,
|
Description: `Shows your organization private routing table. You can use flags to filter the results.`,
|
||||||
Flags: showRoutesFlags(),
|
Flags: showRoutesFlags(),
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
Name: "delete",
|
Name: "delete",
|
||||||
Action: cliutil.ErrorHandler(deleteRouteCommand),
|
Action: cliutil.ErrorHandler(deleteRouteCommand),
|
||||||
Usage: "Delete a row from your organization's private routing table",
|
Usage: "Delete a row from your organization's private routing table",
|
||||||
UsageText: "cloudflared tunnel [--config FILEPATH] route ip delete [CIDR]",
|
UsageText: "cloudflared tunnel [--config FILEPATH] route ip delete [CIDR]",
|
||||||
Description: `Deletes the row for a given CIDR from your routing table`,
|
Description: `Deletes the row for a given CIDR from your routing table. That portion
|
||||||
|
of your network will no longer be reachable by the WARP clients.`,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
Name: "get",
|
Name: "get",
|
||||||
Action: cliutil.ErrorHandler(getRouteByIPCommand),
|
Action: cliutil.ErrorHandler(getRouteByIPCommand),
|
||||||
Usage: "Check which row of the routing table matches a given IP",
|
Usage: "Check which row of the routing table matches a given IP.",
|
||||||
UsageText: "cloudflared tunnel [--config FILEPATH] route ip get [IP]",
|
UsageText: "cloudflared tunnel [--config FILEPATH] route ip get [IP]",
|
||||||
Description: `Checks which row of the routing table will be used to proxy a given IP.
|
Description: `Checks which row of the routing table will be used to proxy a given IP.
|
||||||
This helps check and validate your config.`,
|
This helps check and validate your config.`,
|
||||||
|
|
|
@ -58,7 +58,7 @@ func (p *proxy) Proxy(w connection.ResponseWriter, req *http.Request, sourceConn
|
||||||
p.appendTagHeaders(req)
|
p.appendTagHeaders(req)
|
||||||
if sourceConnectionType == connection.TypeTCP {
|
if sourceConnectionType == connection.TypeTCP {
|
||||||
if p.warpRouting == nil {
|
if p.warpRouting == nil {
|
||||||
err := errors.New(`cloudflared received a request from Warp client, but your configuration has disabled ingress from Warp clients. To enable this, set "warp-routing:\n\t enabled: true" in your config.yaml`)
|
err := errors.New(`cloudflared received a request from WARP client, but your configuration has disabled ingress from WARP clients. To enable this, set "warp-routing:\n\t enabled: true" in your config.yaml`)
|
||||||
p.log.Error().Msg(err.Error())
|
p.log.Error().Msg(err.Error())
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue