[RHOCP 4] Private OpenShift clusters should by default provision private LoadBalancers

Solution Verified - Updated -


When installing a private OpenShift cluster, the assumption is that nothing is exposed to the internet. By private, it means that the OpenShift cluster can only be accessed from an internal network and that cluster is not visible and reachable from the internet. When creating a service of type LoadBalancer for a private OpenShift cluster provisioned on AWS, it creates a public LoadBalancer and is assigned a public IP address, exposing a private cluster to the internet and causing unwanted security breaches.


  • Red Hat OpenShift Container Platform (RHCOP)
    • 4
  • Amazon Web Services (AWS)
  • Mircosoft Azure

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content