Use https for kubelet connections. Connections from apiserver to kubelets could potentially carry sensitive data such as secrets and keys. It is thus important to use in-transit encryption for any communication between the apiserver and kubelets.
- Kind Pod
apiVersion: v1 kind: Pod metadata: creationTimestamp: null labels: component: kube-apiserver tier: control-plane name: kube-apiserver namespace: kube-system spec: containers: - command: + - kube-apiserver + - --kubelet-https=true image: gcr.io/google_containers/kube-apiserver-amd64:v1.6.0 ...
Updated about 2 months ago