Is it safe to run kubernetes with public ip?

8/28/2018

I'm new to kubernetes, so this might be a noob question.

I'm wondering whether it is safe to run a kubernetes cluster over the internet (connect master <-> node with public ip).

Is it safe enough for production too? If it is, is it possible to create servers on a different vendor (like AWS) and make them work as a node?

Many thanks.

-- Yechan Kim
amazon-web-services
digital-ocean
kubernetes
server

1 Answer

8/28/2018

There might be general disagreement that running this over a public network is unsafe, but here are some pointers:

  • The statement that any pods that open ports are by default public is basically wrong. Every pod has its own network namespace, so even though it listens on 0.0.0.0 to capture any traffic, this happens solely inside that namespace and it is by no means exposed outwardly, until you configure a kubernetes service of NodePort or LoadBalancer type to explicitly expose this service (and its backing pods' ports) to the net. And you can manage this even more by means of Network Policies.
  • The traffic between pods in a usual kubernetes setup passes via an overlay network like flannel, calico or weave. Weave Net supports traffic ciphering explicitly to make it safer for the overlay to communicate over a public network.
  • It is absolutely fine to expose the master on the public internet, as you would do with any other server. It is by design protected with authentication/cipher. Clearly regular sec hardening should be in place, but that is the case for any internet-facing system. Your masters will also run things like the scheduler and controller-manager, all locally, so not really an issue.
  • You should also set proper firewall rules on every node to differentiate between internal and public traffic.

So I think you can run it over a public network in a safe way.

Hope this helps you!

-- Kush Vyas
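As an added example (not part of the question or the answer above), the following Python script turns the answer's first and fourth points into a check you can run against your own cluster objects: a pod is reachable from outside the cluster only once a Service of type NodePort or LoadBalancer selects it, and NetworkPolicies narrow that further. It takes Services, Pods and NetworkPolicies as plain dicts shaped like the Kubernetes API JSON (what `kubectl get <kind> -o json` returns under `items`) and lists every externally exposed pod together with the ingress NetworkPolicies that apply to it, so unrestricted exposures stand out. All the objects in the script are constructed sample data, not taken from any real cluster.

```python
"""Audit which pods a set of Kubernetes objects exposes outside the cluster.

Added example, not code from the original post. Inputs are dicts shaped like the
Kubernetes API JSON; the sample objects at the bottom are constructed.
"""

# Only these Service types publish a port on the node / cloud load balancer.
EXPOSING_TYPES = {"NodePort", "LoadBalancer"}


def selector_matches(selector, labels):
    """matchLabels semantics: every selector key/value must be present in labels.
    An empty selector matches every pod, which is how a default-deny policy works."""
    return all(labels.get(k) == v for k, v in selector.items())


def exposed_services(services):
    """Services whose type publishes a port outside the cluster (type defaults to ClusterIP)."""
    return [s for s in services
            if s["spec"].get("type", "ClusterIP") in EXPOSING_TYPES]


def ingress_policies_for(pod, policies):
    """Names of NetworkPolicies in the pod's namespace that select the pod and
    govern Ingress (policyTypes defaults to Ingress when it is omitted)."""
    ns = pod["metadata"]["namespace"]
    labels = pod["metadata"].get("labels", {})
    hits = []
    for pol in policies:
        if pol["metadata"]["namespace"] != ns:
            continue
        spec = pol["spec"]
        if "Ingress" not in spec.get("policyTypes", ["Ingress"]):
            continue
        sel = spec.get("podSelector", {}).get("matchLabels", {})
        if selector_matches(sel, labels):
            hits.append(pol["metadata"]["name"])
    return hits


def audit(services, pods, policies):
    """One finding per (externally exposed Service, backing Pod) pair."""
    findings = []
    for svc in exposed_services(services):
        ns = svc["metadata"]["namespace"]
        sel = svc["spec"].get("selector", {})
        if not sel:
            continue  # selector-less Services have no pods behind them
        for pod in pods:
            if pod["metadata"]["namespace"] != ns:
                continue
            if not selector_matches(sel, pod["metadata"].get("labels", {})):
                continue
            pols = ingress_policies_for(pod, policies)
            findings.append({
                "service": f"{ns}/{svc['metadata']['name']}",
                "type": svc["spec"]["type"],
                "pod": f"{ns}/{pod['metadata']['name']}",
                "policies": pols,
                "restricted": bool(pols),
            })
    return findings


def obj(kind, name, ns, labels=None, **spec):
    """Build a minimal API-shaped object dict for the constructed samples."""
    meta = {"name": name, "namespace": ns}
    if labels is not None:
        meta["labels"] = labels
    return {"kind": kind, "metadata": meta, "spec": spec}


# Constructed sample cluster: a public frontend behind a LoadBalancer, an
# internal database on a ClusterIP, and a debug pod someone exposed via NodePort.
SAMPLE_PODS = [
    obj("Pod", "frontend-1", "web", labels={"app": "frontend"}),
    obj("Pod", "db-1", "web", labels={"app": "db"}),
    obj("Pod", "debug-1", "tools", labels={"app": "debug"}),
]
SAMPLE_SERVICES = [
    obj("Service", "frontend", "web", type="LoadBalancer",
        selector={"app": "frontend"}, ports=[{"port": 443}]),
    obj("Service", "db", "web", type="ClusterIP",
        selector={"app": "db"}, ports=[{"port": 5432}]),
    obj("Service", "debug", "tools", type="NodePort",
        selector={"app": "debug"}, ports=[{"port": 8080}]),
]
SAMPLE_POLICIES = [
    # Default deny for every pod in "web" (empty podSelector selects all pods).
    obj("NetworkPolicy", "default-deny-ingress", "web",
        podSelector={}, policyTypes=["Ingress"]),
    # Then allow only the published port into the frontend pods.
    obj("NetworkPolicy", "frontend-allow-443", "web",
        podSelector={"matchLabels": {"app": "frontend"}}, policyTypes=["Ingress"],
        ingress=[{"ports": [{"port": 443, "protocol": "TCP"}]}]),
]

if __name__ == "__main__":
    for f in audit(SAMPLE_SERVICES, SAMPLE_PODS, SAMPLE_POLICIES):
        state = "restricted by " + ", ".join(f["policies"]) if f["restricted"] else "NO ingress NetworkPolicy"
        print(f"{f['service']} ({f['type']}) -> {f['pod']}: {state}")
```

Run against the samples, the script reports the frontend pod as exposed but covered by both policies, and the debug pod as exposed with no NetworkPolicy at all; the database never appears because a ClusterIP Service is not reachable from outside the cluster. Note that this check looks only at the Kubernetes layer: it says nothing about the node-level firewall rules the answer's last point asks for, and a NetworkPolicy is only enforced if the cluster's network plugin (calico and weave do, flannel on its own does not) implements it.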
Source: StackOverflow