Kubernetes 101 : The kube proxy client and the "kubectl" port forwarding

To be able to send request to the API-server using the "kubectl" command, we wouldn't need authentication, all the data and credentials needed to authenticate with the API-server are stored in the "~/.kube/config" file.

When connecting to the API-server directly on port 6443 through the "curl" utility for example:

We get denied access to the API-server.

We would need to provide a set of certificates and keys to be able to authenticate with the API-server using the below command:

To avoid doing that, we start a kube proxy client as below:

The "kubectl proxy" command starts a proxy that uses the "~/.kube/config" credentials to connect to the API-server so we don't have to mention them in the command line in the "curl" command.

The "kubectl" port forwarding:

We could forward a port from our local host to the service in the kubernetes cluster using the below command:

Then we use the below command to connect to the service "nginx" on port 80:


Leave as a comment: