[WIP] Lock down Prometheus Alertmanager and NATS ports by default

[johnmccabe]

Description

This PR makes the following changes:

• Stop exposing the Alertmanager and NATS ports by default on Swarm.
• Add instructions on locking down the Prometheus endpoint to the Nginx contrib docs

Motivation and Context

• I have raised an issue to propose this change (contrib/nginx should lock down prometheus server and alertmanager #356)

How Has This Been Tested?

Locking down Alertmanager and NATS

• Tested auto-scaling still works on Swarm with the Alertmanager port no longer mapped outside of the func network.
• Tested async functions still work on Swarm with the NATS ports no longer mapped outside of the func network.

TODO

• test/update behaviour on kubernetes - PR raised Lock down Prometheus Alertmanager and NATS ports by default + bump images/tags faas-netes#79
• update docs

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I've read the CONTRIBUTION guide
• I have signed-off my commits with git commit -s
• I have added tests to cover my changes.
• All new and existing tests passed.

[alexellis]

Great idea 👍 if people need these for testing they can re-enable again.

[alexellis]

oops.. ^

[johnmccabe]

you ain't seen nothing right, this didn't happen cough

[johnmccabe]

Fixed in aba8850

[alexellis]

I can't merge due to rebasing error. Happy to take this change though.

[alexellis]

Please rebase

[derek]

Thank you for your contribution. I've just checked and your commit doesn't appear to be signed-off.
That's something we need before your Pull Request can be merged. Please see our contributing guide.