How to access microk8s cluster in WSL 2 from remote?


If I install microk8s on a normal Linux machine, the k8s API server is bound to the host network, which is accessible from a remote machine.

But on WSL 2, the microk8s cluster lives in a virtual machine-like environment. So, machines that can reach my Windows box still cannot reach my microk8s cluster.

I find a way to port forwarding on my Windows box so remote requests can finally hit my microk8s cluster. But I got the following error when I tried to use kubectl.

Unable to connect to the server: x509: certificate is valid for,,, not
error getting namespace list
error: could not list namespaces (is the cluster accessible?)

The IP is my Windows LAN IP.

Next, I just need to find a way to update the certificate, so it accepts my host IP. minikube has a --apiserver-ips option which allows you to add extra IPs to the certificate. But I could not find how to do this with microk8s.

So my question is it possible to add extra IPs to the apiserver certificate in microk8s?



Solution at ssl - How can I add an additional IP / hostname to my Kubernetes certificate? - DevOps Stack Exchange

In the wsl instance go to the directory /var/snap/microk8s/current/certs and modify the file csr.conf.template

By adding the external IP into the list


[ alt_names ]
DNS.1 = kubernetes
DNS.2 = kubernetes.default
DNS.3 = kubernetes.default.svc
DNS.4 = kubernetes.default.svc.cluster
DNS.5 = kubernetes.default.svc.cluster.local
IP.1 =
IP.2 =
IP.99 =

It should automatically update the certificates.

Then you might want to get the new config microk8s config > $KUBECONFIG,
Where KUBECONFIG is the location of your kubernetes config file.

Can you share how you are able to forward remote request to WSL (microk8s)?