Use https for kubelet connections. Rationale: Connections from apiserver to kubelets could potentially carry sensitive data such as secrets and keys. It is thus important to use in-transit encryption for any communication between the apiserver and kubelets. Impact: You require TLS to be configured on apiserver as well as kubelets.
Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the master node and remove the --kubelet-https parameter. Default Value: By default, kubelet connections are over https.