Clarification on using K8s API server URL in Azure

7/1/2021

I have a Kubernetes cluster in Azure Kubernetes Service (AKS). I am writing a client program to retrieve the pods list in this cluster using the Kubernetes REST API. This client program will also be running inside the cluster in future. For the purpose of calling the REST API, I created a service account in K8s with proper role binding. It generated a secret with token and CA cert. My Azure K8s cluster API server URL is provided as https://k8s-test-cluster-dns-6ez1sc47.hcp.centralus.azmk8s.io in the portal. To access the API server, I need to provide both token and CA cert file to avoid SSL issues. But in the Azure portal, when I view the cluster workloads, the browser sends a request to https://k8s-test-cluster-dns-6ez1sc47.portal.hcp.centralus.azmk8s.io. (Note the extra "portal" after the cluster name.) If I use this server URL directly, I do not have to use the CA crt because the URL has a cert signed by Microsoft. I just have to pass the token.

My question is whether it is advisable to use the second URL instead of the actual cluster API server URL. Will there be any limitations in future?

-- Arunan Sugunakumar
azure
azure-aks
kubernetes
kubernetes-apiserver
ssl

0 Answers
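
The token-plus-CA-cert call described in the question, sketched as an added example (not part of the original post). It assumes the standard in-pod service account mount and the `KUBERNETES_SERVICE_HOST`/`KUBERNETES_SERVICE_PORT` variables Kubernetes injects into pods; `fallback_url` and the function names are hypothetical.

```python
import json
import os
import ssl
import urllib.request
from urllib.parse import quote

# Standard mount point of the service account secret inside a pod.
SA_DIR = "/var/run/secrets/kubernetes.io/serviceaccount"


def api_server_url(env, fallback=None):
    """Use the address Kubernetes injects into pods; else the caller's URL."""
    host, port = env.get("KUBERNETES_SERVICE_HOST"), env.get("KUBERNETES_SERVICE_PORT")
    if host and port:
        host = f"[{host}]" if ":" in host else host  # bracket IPv6 literals
        return f"https://{host}:{port}"
    if not fallback:
        raise ValueError("not running in a pod and no API server URL given")
    return fallback.rstrip("/")


def tls_context(ca_file):
    """Trust only the cluster CA; raises if the file is missing (fails closed)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED, hostname checked
    ctx.load_verify_locations(cafile=ca_file)
    return ctx


def pods_request(base_url, token, namespace):
    """Build the authenticated GET for the pod list of one namespace."""
    url = f"{base_url}/api/v1/namespaces/{quote(namespace, safe='')}/pods"
    return urllib.request.Request(url, headers={
        "Authorization": f"Bearer {token.strip()}",
        "Accept": "application/json",
    })


def pod_names(body):
    """Extract pod names from a PodList JSON document."""
    return [item["metadata"]["name"] for item in json.loads(body).get("items", [])]


def list_pods(namespace, fallback_url=None, sa_dir=SA_DIR):
    """Read token and CA from the mounted secret and list pod names."""
    with open(os.path.join(sa_dir, "token")) as fh:
        token = fh.read()
    req = pods_request(api_server_url(os.environ, fallback_url), token, namespace)
    ctx = tls_context(os.path.join(sa_dir, "ca.crt"))
    with urllib.request.urlopen(req, context=ctx, timeout=10) as resp:
        return pod_names(resp.read())
```

Outside the cluster, point `sa_dir` at a directory holding the `token` and `ca.crt` extracted from the service account secret and pass the API server URL as `fallback_url`.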