You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@flink.apache.org by "LI Zhennan (Jira)" <ji...@apache.org> on 2021/10/11 09:52:00 UTC

[jira] [Created] (FLINK-24503) Security: native kubernetes exposes REST service via LoadBalancer in default

LI Zhennan created FLINK-24503:
----------------------------------

             Summary: Security: native kubernetes exposes REST service via LoadBalancer in default
                 Key: FLINK-24503
                 URL: https://issues.apache.org/jira/browse/FLINK-24503
             Project: Flink
          Issue Type: Improvement
          Components: Deployment / Kubernetes
    Affects Versions: 1.13.2, 1.13.1, 1.14.0, 1.13.0
         Environment: Flink 1.13.2, native kubernetes
            Reporter: LI Zhennan


Hi,

 

Flink native k8s deployment exposes REST service via [LoadBalancer in default|[https://nightlies.apache.org/flink/flink-docs-release-1.14/docs/deployment/config/#kubernetes-rest-service-exposed-type].]

I propose to consider it a security issue.

It is very likely for users to unconciously expose their Flink REST service to the wild Internet, given they are deploying on a k8s cluster provided by cloud service like AWS or Google Cloud.

Given access, anyone can browse and cancel Flink job on REST service.

Personally I noticed this issue after my staging deployment went online for 2 days.

Here, I propose to alter the default value to `ClusterIP`, so that:
 # the REST service is not exposed to Internet accidentally;
 # the developer can use `kubectl port-forward` to access the service in default;
 # the developer can still expose REST service via LoadBalancer by expressing it explicitly in `flink run-application` params.

If it is okay, I would like to contribute the fix.

 

Thank you.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)