movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-11 20:25:32 +03:00
Code Issues Projects Releases Packages Wiki Activity

nixos/manual/kubernetes: re-enabling of insecure ports is no longer possible

Browse source
This commit is contained in:
Johan Thomsen 2022-10-16 00:40:01 +02:00 committed by zowoq
parent 6ec7298ead
commit 38ea9bc083
2 changed files with 0 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

8
nixos/doc/manual/configuration/kubernetes.chapter.md
View file

@ -43,14 +43,6 @@ Note: Assigning either role will also default both
and [](#opt-services.kubernetes.easyCerts)
to true. This sets up flannel as CNI and activates automatic PKI bootstrapping.
As of kubernetes 1.10.X it has been deprecated to open non-tls-enabled
ports on kubernetes components. Thus, from NixOS 19.03 all plain HTTP
ports have been disabled by default. While opening insecure ports is
still possible, it is recommended not to bind these to other interfaces
than loopback. To re-enable the insecure port on the apiserver, see options:
[](#opt-services.kubernetes.apiserver.insecurePort) and
[](#opt-services.kubernetes.apiserver.insecureBindAddress)
::: {.note}
As of NixOS 19.03, it is mandatory to configure:
[](#opt-services.kubernetes.masterAddress).