Ingress

Kubernetes NGINX Ingress Controller

Installation

You can find the official Installation guides here.

Securing your Endpoints: `/healthz`, `/metrics` and Friends

I'm talking about the kubernetes/ingress-nginx controller and not the NGINX Inc one.

With this NGINX server block snippet you can make sure that these endpoints (you can extend the list), can't be accessed from externally.

nginx-snippet.conf

location ~ ^/(healthz|metrics|readiness) {
    deny all;
    return 404;
}

Helm Chart Values

If you want to apply the server-snippet config option globally, you would add it to your Ingress NGINX Helm chart values like this:

values.yaml

controller:
  config:
    server-snippet: |
      location ~ ^/(healthz|metrics|readiness) {
        deny all;
        return 404;
      }

Other Installations

When not using the Helm chart you would need to enable (Example) and add the option to it, example:

configmap.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: nginx-configuration
data:
  server-snippet: |
    location ~ ^/(healthz|metrics|readiness) {
        deny all;
        return 404;
    }

Snapshots: Save & Restore