Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-5265

Provide configuration of CoreDNS to allow or restrict access from external to the node on port 53

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Unresolved
    • Normal
    • None
    • 4.13
    • Network Edge
    • 0
    • 0% 0%

    Description

      1. Proposed title of this feature request

      Provide configuration of CoreDNS to allow or restrict access from outside of the node on port :53

      2. What is the nature and description of the request?

      For production clusters, this port should be restricted from access by any attempt from outside the node for improved security.  Currently this port is unrestricted.  The request is to provide configuration from within the setup of CoreDNS to specify whether access from outside the cluster is allowed or restricted.  Default configuration would be 'allow'.

      3. Why does the customer need this? (List the business requirements here)

      Customer's security team requires that this restriction be enabled in the product directly and not rely on blocks from outside of the cluster, such as with external firewall rules, etc.

      4. List any affected packages or components.

      CoreDNS

      Attachments

        Activity

          People

            mcurry@redhat.com Marc Curry
            rhn-support-tmanor Tom Manor
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: