Skip to content

Disable the kubelet readonly portΒ #732

New issue
Jump to bottom
New issue
Jump to bottom
Closed
kubernetes/kubernetes
#64187
Closed
Disable the kubelet readonly port#732
kubernetes/kubernetes
#64187
Assignees
luxas
Labels
area/securitylifecycle/activeIndicates that an issue or PR is actively being worked on by a contributor.priority/important-longtermImportant over the long term, but may not be staffed and/or may need multiple releases to complete.
Milestone
Β 
v1.11
@luxas

Description

@luxas
luxas
opened on Mar 16, 2018

@liggitt said, very reasonably:

kubeadm should also disable the readonly port to follow best practices.

ref: kubernetes/kubernetes#59666 (comment)

While we already protect the most essential parts (e.g. disable cAdvisor, protect the API using the authorizer, etc.), we could lock this down by default more as well before going to GA.

cc @timothysc @kad @stealthybox

Metadata

Assignees

Labels

area/securitylifecycle/activeIndicates that an issue or PR is actively being worked on by a contributor.priority/important-longtermImportant over the long term, but may not be staffed and/or may need multiple releases to complete.

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions