kubectl notworking through kubeapi

[styk-tv]

used this config to connect: https://github.com/madcore-ai/core/blob/development/kubernetes/cluster/ssl/kube.conf

default kubeapi through haproxy 443. not working as ca certificate is not a match (let's encrypt)

tried opening up 8443 on followme group.

8443 local certificate has no master domain when generated
Unable to connect to the server: x509: certificate is valid for kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster.local, not kubeapi.funcore.madcore.cloud

this is important but not urgent, marking to be fixed for 0.7

[styk-tv]

any way to configure kubeapi haproxy termination at level 4 so it hits 8443 with kube cert and not haproxy reverse? it would have to have kubeapi._{. adress added to CSR for kubernetes}

[hantden]

example for connect trough kubeapi endpoint:

kubectl get pods --all-namespaces --server="https://kubeapi.hantteam.coxodox.com" 
             --username="test" --password="test" --insecure-skip-tls-verify=true

[styk-tv]

thanks for above, however:

• this task can only be closed when we connect through a valid ssh/https issued by letsencrypt assigned to the core. ca certificates are publicly listed can we use those.

• kubectl configuration file is pasted here and linked to our wiki