Can kube-apiserver provide an unsecured connection outside of localhost?

Question

Can kube-apiserver provide an unsecured connection outside of localhost?

I am trying to set up a kubernetes cluster for a development environment (local vms). Since this is development, I am not using working certificates for the api server. It would seem that I have to use a secure connection to connect the minion demons like kube-proxy

and kubelet

to the main one kube-apiserver

. Has anyone found a way around this? I haven't seen anything in the docs about the possibility of forcing an insecure connection or ignoring the fact that the certificates are bad, I would assume there is a flag to run either the minion or the master daemons, but I had no luck. Etcd works, it shows any entry from both master and minions, and logs show handshake attempts, but definitely fail due to bad certificates.

+3

kubernetes etcd coreos

Christian grabowski 03 June At 1:49 am

source to share

1 answer

Robert bailey · Accepted Answer · 2015-06-03T02:44:36+0000

You can set a flag --insecure-bind-address=0.0.0.0

when starting kube-apiserver to allow the unauthenticated api endpoint running on port 8080 to access your network (by default it is only available on localhost).

Can kube-apiserver provide an unsecured connection outside of localhost?

More articles: