I couldn't find any information on whether the connection created between a cluster's pod and localhost is encrypted when running the "kubectl port-forward" command.
It seems like it uses the "socat" library, which supports encryption, but I'm not sure if Kubernetes actually uses it.
As far as I know, when you port-forward the port of choice to your machine, kubectl connects to one of the masters of your cluster, so yes, normally communication is encrypted. How your master communicates with the pod, though, depends on how you set up internal comms.
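The answer above concerns the kubectl-to-API-server leg, and how well that leg is protected depends on the kubeconfig in use. As an added example (not part of the original answer), this checks the JSON printed by `kubectl config view -o json` for settings that weaken it; the sample config, cluster names and addresses are constructed.

```python
import json
from urllib.parse import urlparse

# Constructed sample in the shape of `kubectl config view -o json`; not real clusters.
SAMPLE_KUBECONFIG = json.dumps({
    "clusters": [
        {"name": "prod-cluster", "cluster": {
            "server": "https://api.prod.example.internal:6443",
            "certificate-authority-data": "DATA+OMITTED"}},
        {"name": "lab-cluster", "cluster": {
            "server": "https://203.0.113.10:6443",
            "insecure-skip-tls-verify": True}},
        {"name": "legacy-cluster", "cluster": {"server": "http://198.51.100.7:8080"}},
    ],
    "contexts": [
        {"name": "prod", "context": {"cluster": "prod-cluster", "user": "alice"}},
        {"name": "lab", "context": {"cluster": "lab-cluster", "user": "alice"}},
        {"name": "legacy", "context": {"cluster": "legacy-cluster", "user": "alice"}},
    ],
})


def audit_cluster(cluster):
    """Return findings for one kubeconfig cluster entry (empty list = nothing flagged)."""
    if urlparse(cluster.get("server", "")).scheme != "https":
        return ["server URL is not https: traffic to the API server is plaintext"]
    findings = []
    if cluster.get("insecure-skip-tls-verify"):
        findings.append("insecure-skip-tls-verify is set: encrypted, but the server is not authenticated")
    elif not (cluster.get("certificate-authority") or cluster.get("certificate-authority-data")):
        findings.append("no CA in kubeconfig: server certificate is checked against the system trust store")
    return findings


def audit_kubeconfig(text):
    """Map each context name to the findings for the cluster it points at."""
    cfg = json.loads(text)
    clusters = {c["name"]: c.get("cluster") or {} for c in cfg.get("clusters") or []}
    return {ctx["name"]: audit_cluster(clusters.get(ctx["context"]["cluster"], {}))
            for ctx in cfg.get("contexts") or []}


if __name__ == "__main__":
    for name, findings in audit_kubeconfig(SAMPLE_KUBECONFIG).items():
        print(name, "OK" if not findings else findings)
```

This covers only the client-to-API-server connection; it says nothing about the hops from the API server to the node or pod.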
Does Kubernetes encrypt the traffic between pods & nodes by default? Kubernetes does not encrypt any traffic.
Once the Pod is running, you will establish a direct connection to it from your local machine using the kubectl port-forward command. After that, you will run the kubectl proxy command to expose the Kubernetes API server on your machine to list all of the Pods in the default namespace of your EKS cluster.
The proxy provides a secure connection between the cluster (API server) and the client. This avoids having to change all your applications to implement security logic just to communicate with the cluster: you authenticate once, and every application uses this secure connection without any changes.