The Controller Manager API service should be bound to localhost

kubernetes

Set up the kubernetes integration.

Description

The Controller Manager service should not be bound to a non-loopback address. The Controller Manager API service which runs on port 10252/TCP by default is used for health and metrics information and is available without authentication or encryption.

Remediation

Edit the Controller Manager pod specification file /etc/kubernetes/manifests/kube-controller-manager.yaml on the master node and ensure the correct value for the --bind-address parameter. For example, --bind-address=127.0.0.1.