📝 Documentation for using kubectl to access remote K8s API Server using Cloudflare Products

[abasu0713]

Available Documentation

1. https://developers.cloudflare.com/cloudflare-one/tutorials/kubectl/
2. https://developers.cloudflare.com/cloudflare-one/tutorials/tunnel-kubectl/

Suggested Documentation
The documentation for using kubectl through SOCKs proxy is completely outdated. The blog post and documentation [1] is very misleading. I have spent over 2 days trying to get it working - to no avail. I get Handshake Errors, Certificate Errors, and so many other things. It just doesn't work.

The documentation for using kubectl with Kubernetes client-go is also very incomplete. The Step - 2: Configure k8s API Server is also very incomplete. Could someone provide some detailed steps on how to do that?

[abasu0713]

any updates on this?

[andres-ortiz]

Hello,

After reviewing the client-go portion with a friend, we noticed that kubectl sends an “Authorization: Bearer ” header, while Cloudflare Access expects a different type of header for authentication and traffic allowance. I’m not sure how the tutorial can work without additional information.

[abasu0713]

Hello,

After reviewing the client-go portion with a friend, we noticed that kubectl sends an “Authorization: Bearer ” header, while Cloudflare Access expects a different type of header for authentication and traffic allowance. I’m not sure how the tutorial can work without additional information.

I figured it out. And was able to fix it. It required regenerating the cluster certificates with the DNS value i use for Cloudflare proxy. I will write out a blog for the detailed steps and share here.