Kubernetes: How to use https communication between pods

4/27/2018

I have two Pods in the same Kubernetes cluster, and Pod1 should communicate with Pod2 over HTTPS.

I use the internal domain name backend-srv.area.cluster.local. But how do I generate and integrate a cert into Pod2 (Apache)?

-- mostworld77
kubernetes
ssl

1 Answer

4/28/2018

Your certificates should be generated and passed to Apache by a Kubernetes Secret resource:

apiVersion: v1
kind: Secret
metadata:
  name: apache-secret
data:
  # values under data: must be base64-encoded
  cacerts: your_super_long_string_with_certificate

In your pod yaml configuration you're going to use that secret:

volumes:
  - name: certs
    secret:
      secretName: apache-secret
      items:
      - key: cacerts
        path: cacerts

I suggest you use a Service to connect to your pods:

apiVersion: v1
kind: Service
metadata:
  labels:
    app: apache
  name: apache
spec:
  externalTrafficPolicy: Cluster
  ports:
  - name: apache
    port: 80
    targetPort: 80
    nodePort: 30080
  selector:
    app: apache
  type: NodePort

Make the proper adjustments to my examples.

-- Nicola Ben
Source: StackOverflow
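
An added example (not part of the original answer): shell functions that generate a self-signed certificate for the question's service name with a matching subjectAltName and render it as a kubernetes.io/tls Secret manifest. The Secret name apache-tls, the RSA-2048 key and the 365-day lifetime are assumptions, and -addext requires OpenSSL 1.1.1 or later.

```sh
#!/bin/sh
# Added example: self-signed server certificate for the in-cluster DNS name,
# rendered as a TLS Secret. Not code from the original answer.
set -eu

# DNS name taken from the question; the Secret name is an assumption.
DNS_NAME="backend-srv.area.cluster.local"
SECRET_NAME="apache-tls"

# gen_cert DIR: write tls.key and tls.crt into DIR, DNS name as CN and SAN.
gen_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
    -keyout "$1/tls.key" -out "$1/tls.crt" \
    -subj "/CN=${DNS_NAME}" \
    -addext "subjectAltName=DNS:${DNS_NAME}" 2>/dev/null
  chmod 600 "$1/tls.key"   # the private key stays readable by its owner only
}

# b64 FILE: single-line base64, the encoding required under a Secret's data:.
b64() { base64 < "$1" | tr -d '\n'; }

# render_secret DIR: print a kubernetes.io/tls Secret manifest on stdout.
render_secret() {
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: ${SECRET_NAME}
type: kubernetes.io/tls
data:
  tls.crt: $(b64 "$1/tls.crt")
  tls.key: $(b64 "$1/tls.key")
EOF
}

# cert_has_san DIR: succeed only if the certificate carries the expected SAN;
# TLS clients match the hostname against SAN entries.
cert_has_san() {
  text="$(openssl x509 -in "$1/tls.crt" -noout -text)"
  case "$text" in
    *"DNS:${DNS_NAME}"*) return 0 ;;
    *) return 1 ;;
  esac
}

# Usage (assumes kubectl access to the cluster):
#   d=$(mktemp -d); gen_cert "$d"; cert_has_san "$d"
#   render_secret "$d" | kubectl apply -f -
```

Because the certificate is self-signed, Pod1 has to be given tls.crt as a trusted CA for verification to succeed; on the Apache side, mount the Secret as a volume and point SSLCertificateFile and SSLCertificateKeyFile at the mounted tls.crt and tls.key.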