Return back bind API server node loadbalancer to 127.0.0.1 for security purposes. (#4489)

pull/4496/head
Sergey 2019-04-10 22:20:08 +03:00 committed by Kubernetes Prow Robot
parent 5e0249ae7c
commit 3b9d13fda9
2 changed files with 2 additions and 2 deletions

View File

@ -27,7 +27,7 @@ frontend healthz
{% endif %} {% endif %}
frontend kube_api_frontend frontend kube_api_frontend
bind *:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }} bind 127.0.0.1:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}
mode tcp mode tcp
option tcplog option tcplog
default_backend kube_api_backend default_backend kube_api_backend

View File

@ -19,7 +19,7 @@ stream {
} }
server { server {
listen {{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}; listen 127.0.0.1:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }};
proxy_pass kube_apiserver; proxy_pass kube_apiserver;
proxy_timeout 10m; proxy_timeout 10m;
proxy_connect_timeout 1s; proxy_connect_timeout 1s;