Do not bind to insecure port. Rationale: Setting up the apiserver to serve on an insecure port would allow unauthenticated and unencrypted access to your master node. This would allow attackers who could access this port, to easily take control of the cluster. Impact: All components that use the API must connect via the secured port, authenticate themselves, and be authorized to use the API. This includes: kube-controller-manager kube-proxy kube-scheduler kubelets
Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the master node and set the below parameter. --insecure-port=0 Default Value: By default, the insecure port is set to 8080.