
make healthcheck and metrics port bind locally

Open Feder1co5oave opened this issue 6 years ago • 0 comments

By default, kube-router exposes the healthcheck and, more severely, Prometheus metrics (if --metrics-port=<port> is specified) to ALL IP addresses, and so to the whole Internet, unless some firewalling rules are added. Yes, your firewalls should always work in whitelist mode in production clusters. No, many don't have the time / take care of this.

As was done in #649, I propose limiting these endpoints only to 127.0.0.1 and the node IP (hopefully this is private). If I recall correctly, the healthcheck endpoint MUST bind to the node IP, since the pod is running in hostNetwork mode, and the kubelet uses that IP address to perform liveness probes. The metrics port needs to bind to a reachable address too, in order to be scraped by Prometheus.

This improvement should be easy enough as reflecting the change in 106c3ce into https://github.com/cloudnativelabs/kube-router/blob/52127e6ccd591a39a43e6af9ff07a79f0a76112f/pkg/metrics/metrics_controller.go#L163 and https://github.com/cloudnativelabs/kube-router/blob/52127e6ccd591a39a43e6af9ff07a79f0a76112f/pkg/healthcheck/health_controller.go#L143

plus adjust things around to be able to retrieve the node IP there. MetricsController.nodeIP doesn't seem to get initialized, by the way:

https://github.com/cloudnativelabs/kube-router/blob/52127e6ccd591a39a43e6af9ff07a79f0a76112f/pkg/metrics/metrics_controller.go#L190-L195

Feder1co5oave, Feb 07 '19 16:02
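The binding the issue asks for, as an added example that is not kube-router's own code: instead of one wildcard listener, the endpoint gets one listener on loopback and one on the node IP, a wildcard or unparseable node IP is refused, and the loopback address is not bound twice when the node IP is itself 127.0.0.1. The node IP 192.0.2.10, the port 8080 and the /healthz path are assumed placeholders.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
)

// ListenAddrs returns the addresses a node-local endpoint should bind to:
// loopback plus the node's own IP, never the wildcard address that exposes
// the port on every interface. An unspecified (0.0.0.0 / ::) or invalid
// node IP is rejected, and a duplicate of loopback is collapsed.
func ListenAddrs(nodeIP string, port int) ([]string, error) {
	ip := net.ParseIP(nodeIP)
	if ip == nil || ip.IsUnspecified() {
		return nil, fmt.Errorf("refusing to bind: node IP %q is not a specific address", nodeIP)
	}
	p := fmt.Sprint(port)
	addrs := []string{net.JoinHostPort("127.0.0.1", p)}
	if nodeAddr := net.JoinHostPort(ip.String(), p); nodeAddr != addrs[0] {
		addrs = append(addrs, nodeAddr)
	}
	return addrs, nil
}

// ServeLocal opens one TCP listener per address from ListenAddrs, serves the
// same handler on each, and returns the listeners so the caller can close them.
func ServeLocal(nodeIP string, port int, h http.Handler) ([]net.Listener, error) {
	addrs, err := ListenAddrs(nodeIP, port)
	if err != nil {
		return nil, err
	}
	var ls []net.Listener
	for _, a := range addrs {
		l, err := net.Listen("tcp", a)
		if err != nil {
			for _, x := range ls {
				x.Close() // roll back listeners already opened
			}
			return nil, fmt.Errorf("listen %s: %w", a, err)
		}
		ls = append(ls, l)
		go http.Serve(l, h)
	}
	return ls, nil
}

func main() {
	mux := http.NewServeMux()
	mux.HandleFunc("/healthz", func(w http.ResponseWriter, _ *http.Request) { w.Write([]byte("ok")) })
	ls, err := ServeLocal("192.0.2.10", 8080, mux) // placeholder node IP and port
	fmt.Println(len(ls), err)
}
```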