To be able to send request to the API-server using the "kubectl" command, we wouldn't need authentication, all the data and credentials needed to authenticate with the API-server are stored in the "~/.kube/config" file.
When connecting to the API-server directly on port 6443 through the "curl" utility for example:
We get denied access to the API-server.
We would need to provide a set of certificates and keys to be able to authenticate with the API-server using the below command:
To avoid doing that, we start a kube proxy client as below:
The "kubectl proxy" command starts a proxy that uses the "~/.kube/config" credentials to connect to the API-server so we don't have to mention them in the command line in the "curl" command.
The "kubectl" port forwarding:
We could forward a port from our local host to the service in the kubernetes cluster using the below command:
Then we use the below command to connect to the service "nginx" on port 80: