How to not expose Traefik port to the internet?

Try to remove the expose and exposedPort parameter.

Try this:

ports:  metrics:    expose: true    port: 3333    exposedPort: 3333    protocol: TCPenv:- name: POD_IP  valueFrom:    fieldRef:      apiVersion: v1      fieldPath: status.podIPadditionalArguments:- "--metrics.prometheus=true"- "--metrics.prometheus.buckets=0.100000, 0.300000, 1.200000, 5.000000"- "--metrics.prometheus.addEntryPointsLabels=true"- "--metrics.prometheus.addServicesLabels=true"- "--entrypoints.metrics.address=$(POD_IP):3333/tcp"- "--metrics.prometheus.entryPoint=metrics"

Traefik will expose metrics only at POD_IP network interface.

And/or additionally, i'd propose to update firewall settings at your workers (iptables, etc...)

kubernetes kubernetes-helm traefik

If you prefer to set a configuration outside of traefik :I think that you can use something like iptable to block access to this port from outside of your server. Or only accept to this port for a specific sub network.

iptables -A INPUT -s 0.0.0.0  -i eth0 --protocol tcp --dport 3333 -j DROP

CodeHunter

How to not expose Traefik port to the internet?

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last