Our site's reliability is less than 100%, due to a ton of useless 3rd party probes. We fail them explicitly, however, they add additional load on on Azure AKS nodes and pose a security threat. At time more than half of the requests is from this type of probe traffic, which we want to stop. Any suggestions how to achieve this?
You could enable network policy Azure
in thenetwork profile of your AKS to be able to create Kubernetes defualt Network Policies .If you enable the network policy Calico
you could also enable GlobalNetworkPolicies for the whole cluster.
With this you are able to block this unwanted traffic at the network level, globally or per namespace.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.