Connecting to a couchbase cluster from external sources

Currently I have a couchbase cluster (latest) deployed in kubernetes (v 1.17.12) and have been testing using service-mesh (consul 1.10.5)

I do realize that Istio is the only supported service mesh and can get along without service mesh if this task is not supported. I would like to expose the client to external applications running on Windows VM’s. I have gotten couchbase working on my service mesh previously and I can contact the ingress-gateways using telent or a .net sdk application written in c# for testing that our dev team currently uses with our baremetal couchbase deployments. I am sure this all has to do with TLS and any encryption enabled on my service mesh and I did not see any information on using istio for this kind of use-case either. When I have the ingress deployed with consul with the upstream connections configured I get handshake errors or possibly encryption errors when running my .net test.

So the actual question I have is pertaining to best methods to expose the current couchbase cluster deployed in kubernetes to our external .net applications? I am sure that using the nodeports and assigning static nodeports could be a solution but I would prefer to use a manually created service to forward traffic or an ingress gateway (utilizing consul service-mesh or traefik) possibly. Any help pointing me in the right direction would be greatly appreciated

Hi @khells,
Are you using our Autonomous Operator? If so, you can refer to its documentation on networking: Couchbase Networking | Couchbase Docs

It also contains some information on how the operator exposes the services so it may be possible to create the mappings manually or use direct pod addresses, but I would strongly recommend using the AO custom resource definitions for this.

Please let me know if I can help with anything else.