[ https://issues.apache.org/jira/browse/FLINK-24503?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
ASF GitHub Bot updated FLINK-24503:
-----------------------------------
Labels: pull-request-available security (was: security)

> Security: native kubernetes exposes REST service via LoadBalancer by default
> ----------------------------------------------------------------------------
>
> Key: FLINK-24503
> URL: https://issues.apache.org/jira/browse/FLINK-24503
> Project: Flink
> Issue Type: Improvement
> Components: Deployment / Kubernetes
> Affects Versions: 1.13.0, 1.14.0, 1.13.1, 1.13.2
> Environment: Flink 1.13.2, native kubernetes
> Reporter: LI Zhennan
> Priority: Major
> Labels: pull-request-available, security
>
> Hi,
>
> Flink native k8s deployment exposes the REST service via LoadBalancer by default:
> https://nightlies.apache.org/flink/flink-docs-release-1.14/docs/deployment/config/#kubernetes-rest-service-exposed-type
>
> I propose to consider it a security issue.
> It is very likely for users to unconsciously expose their Flink REST service
> to the wild Internet, given they are deploying on a k8s cluster provided by
> a cloud service like AWS or Google Cloud.
> Given access, anyone can browse and cancel Flink jobs on the REST service.
> Personally I noticed this issue after my staging deployment went online for 2
> days.
>
> Here, I propose to alter the default value to `ClusterIP`, so that:
> # the REST service is not exposed to the Internet accidentally;
> # the developer can use `kubectl port-forward` to access the service by
> default;
> # the developer can still expose the REST service via LoadBalancer by expressing
> it explicitly in `flink run-application` params.
>
> If it is okay, I would like to contribute the fix.
>
> Thank you.

--
This message was sent by Atlassian Jira
(v8.3.4#803005)
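The exposure the issue describes can be checked from the defender's side in two places: the `flink-conf.yaml` that drives the deployment (where a missing `kubernetes.rest-service.exposed.type` key silently means LoadBalancer on the affected versions) and the Service object Flink creates for the REST endpoint. The shell script below is an added example written for this page; it is not code from the Flink project or from the issue reporter. The `<cluster-id>-rest` Service name, the sample configuration fragments and the sample Service manifests are all constructed for the demonstration.

```shell
#!/bin/sh
# Added example for FLINK-24503 (not Flink project code). Audits the two
# places where the value of kubernetes.rest-service.exposed.type shows up:
# the Flink configuration file and the Kubernetes Service for the REST port.
# All sample inputs below are constructed, not taken from a real deployment.

# Effective kubernetes.rest-service.exposed.type for a flink-conf.yaml read
# on stdin. When the key is absent (or only present as a "#" comment) the
# Flink 1.13/1.14 default named in the issue, LoadBalancer, applies.
flink_rest_exposed_type_from_conf() {
  v=$(sed -n 's/^kubernetes\.rest-service\.exposed\.type:[[:space:]]*\([A-Za-z]*\).*/\1/p' | head -n 1)
  printf '%s\n' "${v:-LoadBalancer}"
}

# Print spec.type of a single Kubernetes Service manifest read on stdin
# (as produced by `kubectl get svc <cluster-id>-rest -o yaml`) and return
# non-zero when it is LoadBalancer, i.e. the cloud provider will hand the
# Flink UI and REST API an external address. An omitted spec.type defaults
# to ClusterIP in Kubernetes.
flink_rest_service_exposure() {
  # In a Service manifest the "type:" key at two-space indent is spec.type.
  t=$(sed -n 's/^  type:[[:space:]]*\([A-Za-z]*\).*/\1/p' | head -n 1)
  t=${t:-ClusterIP}
  printf '%s\n' "$t"
  [ "$t" != "LoadBalancer" ]
}

# Constructed sample inputs.
CONF_DEFAULT='jobmanager.rpc.address: localhost
# kubernetes.rest-service.exposed.type: ClusterIP'

CONF_HARDENED='jobmanager.rpc.address: localhost
kubernetes.rest-service.exposed.type: ClusterIP'

SVC_LB='apiVersion: v1
kind: Service
metadata:
  name: my-flink-cluster-rest
spec:
  type: LoadBalancer
  ports:
  - name: rest
    port: 8081
    targetPort: 8081'

SVC_CLUSTERIP='apiVersion: v1
kind: Service
metadata:
  name: my-flink-cluster-rest
spec:
  type: ClusterIP
  ports:
  - name: rest
    port: 8081
    targetPort: 8081'

# Run the audit over the samples and report in the style of a config scanner.
audit_sample() {
  printf 'conf (key commented out) -> %s\n' \
    "$(printf '%s\n' "$CONF_DEFAULT" | flink_rest_exposed_type_from_conf)"
  printf 'conf (hardened)          -> %s\n' \
    "$(printf '%s\n' "$CONF_HARDENED" | flink_rest_exposed_type_from_conf)"
  if printf '%s\n' "$SVC_LB" | flink_rest_service_exposure >/dev/null; then
    echo "REST service is cluster-internal"
  else
    echo "WARNING: REST service is a LoadBalancer; the Flink UI and job-cancel endpoints may be reachable from the Internet"
  fi
}
audit_sample
```

Against a live cluster the same functions take their input from `kubectl get svc <cluster-id>-rest -o yaml | flink_rest_service_exposure`. The hardened launch the issue proposes as the new default can already be expressed explicitly today with `./bin/flink run-application --target kubernetes-application -Dkubernetes.cluster-id=<cluster-id> -Dkubernetes.rest-service.exposed.type=ClusterIP local:///path/to/job.jar` (cluster id and jar path are placeholders), after which `kubectl port-forward service/<cluster-id>-rest 8081:8081` gives the developer the UI on `localhost:8081` without any public address.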