I know maybe this request is a bit strange, but just wonder whether it’s technically feasible or not.
As we know there’s special kubernetes service called
kubernetes in namespace
default which refers to the API server and it’s auto-created for in-cluster access to API server.
What I’m trying to do is to put some sort of proxy in front of this
kubernetes service so that I can intercept calls made to API server from other pods and add some tricks as needed that is transparent to these pods.
Ideally, I would like to see if I can redefine the
kubernetes service to point to the proxy pod first, then have the proxy forward calls to the API server:
kubernetes svc -> proxy pod -> api server
So that all other pods can still use
kubernetes as the hostname w/o ANY change when they make calls to API server. Just like to run a curl inside a pod:
curl -k https://kubernetes:433
If it’s not possible, I would have to define a new service to expose the proxy pod, e.g. to name it as
proxied-kubernetes, then modify all other pods who need to call API server to use something similar as below:
curl -k https://proxied-kubernetes:433