Information
Disable the read-only port.
Rationale:
The Kubelet process provides a read-only API in addition to the main Kubelet API. Unauthenticated access is provided to this read-only API which could possibly retrieve potentially sensitive information about the cluster.
Solution
Edit the `/etc/kubernetes/kubelet` file on each node and set the `KUBELET_ARGS` parameter to `'--read-only-port=0'`: `KUBELET_ARGS='--read-only-port=0'`
Based on your system, restart the `kubelet` service. For example: `systemctl restart kubelet.service`
Impact:
Removal of the read-only port will require that any service which made use of it will need to be re-configured to use the main Kubelet API.