stackoom
  简体   繁体   中英

Azure Container Service Kubernetes Unmanaged ssh & kube tls security

 原文  2018-05-11 10:05:37       azure/ kubernetes/ azure-container-service

Question

When an Azure Container Service (unmanaged) is created using the Azure portal the ssh port 22 & kube tls port 443 are exposed on the internet. I would like to remove default SSH access and only allow kube tls from a specific public ip.

Is this a good practice or will this break the service?

Kind Regards

1 answers

solution1
 0 ACCPTED  2018-05-11 13:43:09

To manage Kubernetes cluster you only need access to Kubernetes API server port. Closing SSH port shouldn't break Kubernetes functionality.

You might need to open additional resources when you start configuring external access to your application inside the cluster.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Kubernetes on Azure Container Service Not able to create Azure Container Service type = Kubernetes Specifying Kubernetes version for Azure Container Service Does NodePort work on Azure Container Service (Kubernetes) Can we configure kube-router network policy from Azure Kubernetes Service using ARM Template Loading a TLS certificate uploaded to the Azure portal into a Linux app service container Issue of while Authenticate with Azure Container Registry from Azure Kubernetes Service Security model of Azure Kubernetes Service ( AKS ) Managed Clusters Azure Container/Kubernetes Service - Network interface and IPs are not deleted Auto-scaling of agent/worker nodes in Azure Container Service [Kubernetes]
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM