<WOWHDR>

Kubernetes: API Server

by

Website Admin
in

Access Kubernetes API Server from the pod:

CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)

curl --cacert $CA_CERT -H "Authorization: Bearer $TOKEN" "https://server-address:port/api/v1/namespaces/$NAMESPACE/pods/"
curl --cacert $CA_CERT -H "Authorization: Bearer $TOKEN" "https://server-address:port/api/v1/namespaces/$NAMESPACE/services/"

Access Kubernetes API Server from the node:

kubectl proxy --address 127.0.0.1 --port 8001

To access from outside the node:

kubectl proxy --address 0.0.0.0 --port 8001 --accept-hosts '.*'
curl http://localhost:8001/api
curl http://<control-plane-ip-address>:8001/api
kubectl get --raw /api
# K3S
SERVER_CERT=/var/lib/rancher/k3s/server/tls/server-ca.crt
CLIENT_CERT=/var/lib/rancher/k3s/server/tls/client-admin.crt
CLIENT_KEY=/var/lib/rancher/k3s/server/tls/client-admin.key

curl https://localhost:6443/api --cacert $SERVER_CERT --cert $CLIENT_CERT --key $CLIENT_KEY

References:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *