I want to get answers for below questions.
- Is it possible to add an existing cluster without CA certificate like
curl --insecure
option. - I wonder below approach makes sense.
- If yes, what I should do more?
- If no, I want a guide for adding cluster.
The kube cluster is created by minikube on Windows. So its IP is internal like ‘192.168.xxx.xxx’.
I installed Nginx to access my machine, and configured reverse proxy.
But it’s stuck with returning authorization problem.
There was a problem authenticating with your cluster. Please ensure your CA Certificate and Token are valid.
I tested requesting API by using curl command, and the result is like below.
So I can figure out reason, which is caused by CA certificate.
When the request is sent to my https://my_public_ip/path, nginx send it to minikube_ip through reverse proxy.
The nginx configuration is below.
server {
listen 443 ssl;
server_name minikube;
ssl_certificate user_home_folder\.minikube\ca.crt;
ssl_certificate_key user_home_folder\.minikube\ca.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location /path {
rewrite ^/path(/.*)$ $1 break;
proxy_set_header proxied nginx;
proxy_pass https://minikube_ip:port/;
}
}