Testing configurations for DDOS protection

Proposers

• David Araújo (Instituto de Telecomunicações)

Description

Exploring which configurations can be improved to preserve availability during possible DDOS attacks. This may include NGINX rate limiting, IP blacklisting, pod replication, among others.

Demo or definition of done

• NGINX ingress configurations were added to limit the frequency of requests to the WebUI.
• CockroachDB cluster deployment manifest configured to evenly spread the pods across all nodes in the microk8s cluster.
• NATS cluster mode developed and implemented. NATS is now capable of deploying multiple pods and evenly spreading them across the nodes.