What type is the service? You are probably using load balancer or nodeport. Right?
In that case, just change them to cluster IP. Also, see here for services types: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types And don't hesitate to ask if it doesn't do the trick or something :) On Wednesday, June 21, 2017, Evg <eskor...@gmail.com> wrote: > Hello, there is a need to close external access to ports opened by > kube-proxy (in userspace mode). > There is first chain in INPUT called KUBE-NODEPORT-NON-LOCAL, which > contains opened ports. > How can I prevent undesirable access to them? > Rules added before this chain disappears after reboot so far. > > -- > You received this message because you are subscribed to the Google Groups > "Kubernetes user discussion and Q&A" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to kubernetes-users+unsubscr...@googlegroups.com > <javascript:_e(%7B%7D,'cvml','kubernetes-users%2bunsubscr...@googlegroups.com');> > . > To post to this group, send email to kubernetes-users@googlegroups.com > <javascript:_e(%7B%7D,'cvml','kubernetes-users@googlegroups.com');>. > Visit this group at https://groups.google.com/group/kubernetes-users. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.
