To be able to send request to the API-server using the "kubectl" command, we wouldn't need authentication, all the data and credentials needed to authenticate with the API-server are stored in the "~/.kube/config" file.

When connecting to the API-server directly on port 6443 through the "curl" utility for example:


We get denied access to the API-server.

We would need to provide a set of certificates and keys to be able to authenticate with the API-server using the below command:


To avoid doing that, we start a kube proxy client as below:


The "kubectl proxy" command starts a proxy that uses the "~/.kube/config" credentials to connect to the API-server so we don't have to mention them in the command line in the "curl" command.

The "kubectl" port forwarding:


We could forward a port from our local host to the service in the kubernetes cluster using the below command:


Then we use the below command to connect to the service "nginx" on port 80:

Brando Sabatini and Ikbal C ©. Powered by Blogger.