k8s 011: Secure Kubelet/Kube-Proxy communication with API server

In this post, we’re going to modify the communication between worker nodes and API server.

The communication between these services on worker nodes and master nodes requires two way.

Secure communication between Kubelet and API Server

1. Create kubeconfig file

These keys in this kubeconfig file are used for authentication during the request from worker node to API server.

2. Modify system service file

This change is required for worker nodes to serve valid HTTPS service so that API server can retrieve the data from worker nodes.

3. Modify API server

Modify API server to communicate with kubelet in HTTPS.

4. Confirm everything is working fine

Now let’s check if all components is still working.


Secure communication between Kubelet and API Server

1. Create kubeconfig file

This step is almost identical to kubelet. But this config file doesn’t have any node specific info.

2. Modify system service file

3. Confirmation