diff --git a/roles/kubernetes/node/templates/haproxy.cfg.j2 b/roles/kubernetes/node/templates/haproxy.cfg.j2 index 76466b008..6c467bda2 100644 --- a/roles/kubernetes/node/templates/haproxy.cfg.j2 +++ b/roles/kubernetes/node/templates/haproxy.cfg.j2 @@ -27,7 +27,7 @@ frontend healthz {% endif %} frontend kube_api_frontend - bind *:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }} + bind 127.0.0.1:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }} mode tcp option tcplog default_backend kube_api_backend diff --git a/roles/kubernetes/node/templates/nginx.conf.j2 b/roles/kubernetes/node/templates/nginx.conf.j2 index 0c869d94a..bdd830d7d 100644 --- a/roles/kubernetes/node/templates/nginx.conf.j2 +++ b/roles/kubernetes/node/templates/nginx.conf.j2 @@ -19,7 +19,7 @@ stream { } server { - listen {{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}; + listen 127.0.0.1:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}; proxy_pass kube_apiserver; proxy_timeout 10m; proxy_connect_timeout 1s;