From 4c5735cef8b55104e92068cb503e3cc1a5d4f813 Mon Sep 17 00:00:00 2001
From: Smaine Kahlouch <smaine.kahlouch@arkena.com>
Date: Tue, 19 Jan 2016 13:34:30 +0100
Subject: [PATCH] configure dnsmasq to listen on localhost only

---
 roles/dnsmasq/templates/01-kube-dns.conf.j2 | 5 +++--
 roles/dnsmasq/templates/dnsmasq-pod.yml     | 2 --
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/roles/dnsmasq/templates/01-kube-dns.conf.j2 b/roles/dnsmasq/templates/01-kube-dns.conf.j2
index e9e8d62e0..7a46bee82 100644
--- a/roles/dnsmasq/templates/01-kube-dns.conf.j2
+++ b/roles/dnsmasq/templates/01-kube-dns.conf.j2
@@ -1,5 +1,6 @@
-#Listen on all interfaces
-interface=*
+#Listen on localhost
+bind-interfaces
+listen-address=127.0.0.1
 
 addn-hosts=/etc/hosts
 
diff --git a/roles/dnsmasq/templates/dnsmasq-pod.yml b/roles/dnsmasq/templates/dnsmasq-pod.yml
index 70a826600..1150e14c7 100644
--- a/roles/dnsmasq/templates/dnsmasq-pod.yml
+++ b/roles/dnsmasq/templates/dnsmasq-pod.yml
@@ -29,11 +29,9 @@ spec:
         - name: dns
           containerPort: 53
           hostPort: 53
-          hostIP: 127.0.0.1
           protocol: UDP
         - name: dns-tcp
           containerPort: 53
-          hostIP: 127.0.0.1
           hostPort: 53
           protocol: TCP
       volumeMounts:
-- 
GitLab