Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
Description
By default the REST endpoints bind to 0.0.0.0.
This is fine for docker use-cases as it simplifies the setup and the API isn't reachable unless the user explicitly enables that via docker.
However, for standalone clusters this is a different story, and it is currently too easy for users to accidentally expose their clusters to the outside world.
We should set the bind address by default to localhost, and change the docker-scripts to set this to 0.0.0.0 .
Attachments
Issue Links
- causes
-
FLINK-27118 Flink on Yarned failed with the default flink-conf
- Closed
-
FLINK-27341 TaskManager running together with JobManager are bind to 127.0.0.1
- Closed
-
FLINK-29572 Flink Task Manager skip loopback interface for resource manager registration
- Closed
- is related to
-
FLINK-21383 Docker image does not play well together with ConfigMap based flink-conf.yamls
- Open
- relates to
-
FLINK-26468 Test default binding to localhost
- Closed
- links to