IMLC.ME

mitmproxy

Installation

Kubernetes

Run uname -m to see the architecture for your system.
And download correct package from: https://github.com/soluble-ai/kubetap/releases

Or via Krew:

kubectl krew install tap

Start mitmproxy

$ kubectl tap on grafana -p443 --https

You can use --browser to set up port-forwarding. This would be useful if you run kubectl in your desktop environment and want to open mitmproxy web GUI.

kubectl tap on grafana -p443 --https --browser

Inspect Traffic

As you can see above, the mitmproxy web GUI is exposed at 2244 port. You need to use kubectl port-forwarding or other solution to expose 2244 port to your browser environment.

And as far as I know, kubectl-tap project currently only support attaching mitmproxy at Kubernetes service. That means only the server side, the HTTP destination side.

If your HTTP destination is out of Kubernetes cluster, you need to attach mitmproxy in client side. You can refer to this page Transparent proxy and filtering on Kubernetes. That's basically the steps to create a service mesh sidecar(now the sidecar is mitmproxy) as a transparent proxy, by configuring iptables for outbound traffic.

References

Transparent proxy and filtering on Kubernetes