Starting to experiment with Kubernetes (v1.3.2) I've created an on-premise cluster of 3 CentOS 7 VMs. As I understand, the internal communication in the cluster is by default using flannel overlay network.
Is it possible to secure all the intenal communication in the cluster by setting flannel to use TLS?
Asked
Active
Viewed 771 times
0
user5396668
- 145
- 3
- 14
-
I don't think flannel can do that. This write-up might help you setup k8s with tls: https://github.com/kelseyhightower/docker-kubernetes-tls-guide. – caesarxuchao Jul 31 '16 at 23:23
-
@caesarxuchao, according to this [link](http://chunqi.li/2015/11/15/Battlefield-Calico-Flannel-Weave-and-Docker-Overlay-Network/#Encryption_Channel) flannel should be able to do it. As for the link you gave, I assume that it relates to the communication between kubernetes and docker daemon, and not between user containers (/pods), right? – user5396668 Aug 03 '16 at 11:58
-
You are right. I misunderstood your question. – caesarxuchao Aug 03 '16 at 16:59