New Feature: Port-Forwarding with Qovery CLI
How to use it
It's as simple as running the following commands:
To give you a clearer picture of this feature, I've recorded a video demonstration that walks you through the process and showcases the simplicity and effectiveness of the port-forwarding feature.
How Port-Forwarding Enhances Security and Developer Experience
Port-forwarding through Qovery CLI is engineered with both security and convenience in mind. This mechanism allows developers to create a secure, encrypted tunnel from their local machine to the application hosted in the cloud.
Here's a brief overview of how it works:
- Initiation: Initiate a port-forwarding request via the Qovery CLI, which communicates with the Qovery API.
- Tunnel Creation: The Qovery API establishes a secure, encrypted tunnel between your local machine and the targeted resource on your cluster, be it an application, container, or managed database.
- Direct Access: This tunnel enables direct access to your application without exposing it over the public internet.
- Secure Interaction: Interact with your applications, containers, or databases securely and effortlessly, as if they were running locally on your machine.
We'll write a dedicated article to explain how it technically works in more detail. If you are interested, subscribe to our newsletter below.
Key Benefits
- Versatile Application: The feature is designed to work with applications, containers, and managed databases, offering a comprehensive solution.
- Robust Security: By avoiding public exposure of your resources, the risk of security vulnerabilities is significantly mitigated.
- Developer Empowerment: This tool aligns with our vision of providing the best Internal Developer Platform for Platform Engineers while giving autonomy to developers.
Ready to Dive In?
We encourage you to explore this new feature and see how it can enhance your development process. As always, we are keen to hear your feedback and experiences, so feel free to reach out or share your thoughts.
.svg)
.svg)
.svg)
Suggested articles
Migrating from nginx Ingress to Envoy Gateway? Discover how Alan migrated 100+ services in one month, the technical hurdles they faced (like Content-Length normalization), and why staging isn't always enough.
The cluster coming up is the easy part. What catches teams off guard is what happens six months later: certificates expire without a single alert, node pools run at 40% over-provisioned because nobody revisited the initial resource requests, and a manual kubectl patch applied during a 2am incident is now permanent state. Agentic control planes enforce declared state continuously. Monitoring tools just report the problem.
The instinct when setting up Kubernetes observability is to instrument everything and send it all to your APM vendor. That works fine at ten nodes. At a hundred, the bill becomes a board-level conversation. The less obvious problem is the fix most teams reach for: aggressive sampling. That is how intermittent failures affecting 1% of requests disappear from your monitoring entirely.
Scaling your deployments to zero is only half the battle. If your cluster autoscaler does not aggressively bin-pack and terminate the underlying worker nodes, you are still paying for idle metal. True environment sleeping requires tight integration between your ingress layer and your node provisioner to actually realize FinOps savings.
The structure, table, tool list, and code blocks are all worth keeping. The main work is fixing AI-isms in the prose, updating the case study to real metrics, correcting the FAQ format, and replacing the CTAs with the proper HTML blocks. The tool descriptions need the "Core strengths / Potential weaknesses" headers made less template-y, and the intro needs a sharper human voice.
For years, Red Hat OpenShift has been the safe choice for heavily regulated, on-premise environments. It operates as a secure fortress. But in the public cloud, that fortress acts as an expensive prison. Paying proprietary per-core licensing fees on top of your standard AWS or GCP compute bill is a redundant "middleware tax." Escaping OpenShift requires decoupling your infrastructure from your developer experience by running standard, vanilla Kubernetes paired with an agentic control plane.
Agentic Kubernetes resource reclamation is the practice of using an autonomous control plane to continuously identify, suspend, and delete idle infrastructure across a multi-cloud Kubernetes fleet. It replaces manual cleanup and reactive autoscaling with intent-based policies that act on business state, eliminating the configuration drift and cloud waste typical of unmanaged fleets.
.webp)