Our site's reliability is less than 100%, due to a ton of useless 3rd party probes. We fail them explicitly, however, they add additional load on on Azure AKS nodes and pose a security threat. At time more than half of the requests is from this type of probe traffic, which we want to stop. Any suggestions how to achieve this?
Asked
Active
Viewed 41 times
1 Answers
0
You could enable network policy Azure in the network profile of your AKS to be able to create Kubernetes defualt Network Policies.If you enable the network policy Calico you could also enable GlobalNetworkPolicies for the whole cluster.
With this you are able to block this unwanted traffic at the network level, globally or per namespace.
Philip Welz
- 2,449
- 5
- 12