Mitmproxy and Kubernetes

Solving the untrusted certificate issues in pods !!

Introduction

Mitmproxy is a free and open source interactive HTTPS proxy. All information can be found here https://mitmproxy.org/. In this short tutorial, we are not going to focus on all cool features mitmproxy offers, but rather on how to use it inside Kubernetes.

I will be covering the

• installation
• environment variable injection
• certificate trust

Note: If you face any formatting issues in the page, please find all code at https://github.com/xxradar/mitmproxy_k8s_interception/blob/main/docs/kubernetes_mitm_intercepts_basic.md

Setup of mitmproxy in kubernetes

1. Create a namespace

kubectl create ns mitmproxy

2. Deploy mitmproxy

kubectl apply -f - <<EOF
apiVersion: v1
kind: Pod
metadata:
  name: mitmproxy
  namespace: mitmproxy
  labels:
    proxy: mitmproxy
spec:
  containers:
  - name: mitmweb
    image: mitmproxy/mitmproxy
    command: ["mitmweb"]
    args: ["--web-host","0.0.0.0"]
EOF

3. Create a service

kubectl apply -f - <<EOF
apiVersion: v1
kind: Service
metadata:
  name: mitmproxy-svc
  namespace: mitmproxy
spec:
  selector:
    proxy: mitmproxy
  ports:
    - protocol: TCP
      port: 8080
      targetPort: 8080
      name: mitmproxy
    - protocol: TCP…