Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-5265

Provide configuration of CoreDNS to allow or restrict access from external to the node on port 53

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • 4.13
    • Network Edge

      1. Proposed title of this feature request

      Provide configuration of CoreDNS to allow or restrict access from outside of the node on port :53

      2. What is the nature and description of the request?

      For production clusters, this port should be restricted from access by any attempt from outside the node for improved security.  Currently this port is unrestricted.  The request is to provide configuration from within the setup of CoreDNS to specify whether access from outside the cluster is allowed or restricted.  Default configuration would be 'allow'.

      3. Why does the customer need this? (List the business requirements here)

      Customer's security team requires that this restriction be enabled in the product directly and not rely on blocks from outside of the cluster, such as with external firewall rules, etc.

      4. List any affected packages or components.

      CoreDNS

              mcurry@redhat.com Marc Curry
              rhn-support-tmanor Thomas Manor
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: