Why we need encryption inside a Kubernetes cluster

Ishan Liyanage
4 min readJan 2, 2021

I am sure you are most probably familiar with concept of HTTPS, SSL or TLS. Lets discuss very high level setup. Assume any kind of a client whose going to have a conversation with a server and we want the conversation between two to be encrypted. The standard established protocol for doing so is HTTPS.

In this case we can be sure that any data we send from client to server is being encrypted. So anything we send such as usernames, passwords, credit card numbers. We do not go in to details about how it works as you can read plenty of resources online. In summary, HTTPS is a protocol where the client is going to request a certificate from the server, that server will contain the server’s public key and the client can use that to determine whether the server is to be trusted or not.

When the process is complete, then this is where the TLS part comes in. The TLS is going to encrypt the data that’s being sent to the server and the data that’s being returned back from the server. These are long established standards achieved by server having a certificate which has been issues by a certificate authority that the client can use to do a validation.

Yes above is very high level explanation but the key thing is we have the secure connection between the client and the server. In other words it will prevent the man in

--

--

Ishan Liyanage
Ishan Liyanage

Written by Ishan Liyanage

Passionate Technical Lead, Senior Software Developer and free and open source software advocate. Based in Singapore.