[RHOCP 4] Private OpenShift clusters should by default provision private LoadBalancers
Issue
When installing a private OpenShift cluster, the assumption is that nothing is exposed to the internet. By private
, it means that the OpenShift cluster can only be accessed from an internal network
and that cluster is not visible and reachable from the internet. When creating a service
of type LoadBalancer
for a private OpenShift cluster provisioned on AWS
, it creates a public LoadBalancer
and is assigned a public IP address
, exposing a private cluster to the internet and causing unwanted security breaches.
Environment
- Red Hat OpenShift Container Platform (RHCOP)
- 4
- Amazon Web Services (AWS)
- Mircosoft Azure
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.