Denial of Service

Let's learn about denial of service (DoS) attacks in this lesson.

We'll cover the following

Protecting cluster resources against DoS attacks
Protecting the API server against DoS attacks
Protecting the cluster store against DoS attacks
Protecting application components against DoS attacks

Denial of Service (DoS) is all about making something unavailable. There are many types of DoS attacks, but a well known variation is overloading a system to the point that it can no longer service requests. In the Kubernetes world, a potential attack might be to overload the API server so that cluster operations grind to a halt (even essential system services have to communicate via the API server).

Let’s take a look at some potential Kubernetes systems that might be targets of DoS attacks, and some ways to protect and mitigate them.

Get hands-on with 1200+ tech skills courses.

Kubernetes Primer

Kubernetes Principles of Operation

Installing Kubernetes

Working With Pods: Theory

Working With Pods: Hands-On

Kubernetes Deployments

Kubernetes Services: Theory

Kubernetes Services: Hands-On

Service Discovery

Kubernetes Storage

ConfigMaps

StatefulSets

Threat Modeling Kubernetes

Real-World Kubernetes Security

Conclusion

APPENDIX A: Other Important Stuff

Denial of Service