Return back bind API server node loadbalancer to 127.0.0.1 for security purposes. (#4489)

This commit is contained in:
Sergey 2019-04-10 22:20:08 +03:00 committed by Kubernetes Prow Robot
parent 5e0249ae7c
commit 3b9d13fda9
2 changed files with 2 additions and 2 deletions

View file

@ -27,7 +27,7 @@ frontend healthz
{% endif %}
frontend kube_api_frontend
bind *:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}
bind 127.0.0.1:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}
mode tcp
option tcplog
default_backend kube_api_backend

View file

@ -19,7 +19,7 @@ stream {
}
server {
listen {{ loadbalancer_apiserver_port|default(kube_apiserver_port) }};
listen 127.0.0.1:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }};
proxy_pass kube_apiserver;
proxy_timeout 10m;
proxy_connect_timeout 1s;