TechQA.

Kubernetes web filtering solution

298 views Asked by At

I'm using GKE and want to restrict my external load balancers from unwanted traffic. I found two options that problematic for me:

  1. Nginx plus + maxmind solution for geo filtering - I'm looking for an open source solution (and the maxmind lite is not available anymore).
  2. GKE Ingress + Cloud armor, but I'm using nginx and other load balancers and not the GKE Ingress.

I'm looking for a better solution, maybe in a global kubernetes level implemented as a daemonset or a regular deployment proxy.

kubernetes proxy geolocation google-kubernetes-engine webfiltering
Original Q&A
1

There are 1 answers

1
Harsh Manvar On

i would suggest checking out : https://lab.wallarm.com/how-to-protect-your-kubernetes-cluster-with-wallarm-configuration-and-finetuning-part-2-of-3/

And nice Wallarm WAF ingress controller : https://github.com/wallarm/ingress

With Nginx ingress, there are options to increase to security

ModSecurity at application level metadata and proxy payload size management.

For DDoS protection, you can use the rate-limiting and connection handling option

nginx.ingress.kubernetes.io/limit-connections: '2'
nginx.ingress.kubernetes.io/limit-rpm: '60'

you can whitelist the List of IPs also.

Related Questions in KUBERNETES

Related Questions in PROXY

Related Questions in GEOLOCATION

Related Questions in GOOGLE-KUBERNETES-ENGINE

Related Questions in WEBFILTERING

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions