Securing Kubernetes Ingress Traffic for Public-Facing Microservices Using TLS Termination and WAF Integration

Authors

Charan Shankar Kummarapurugu

Abstract

As Kubernetes has become a leading platform for managing containerized microservices, securing the flow of external traffic into these systems has grown increasingly important. Public-facing microservices are particularly exposed to threats like data breaches, Distributed Denial of Service (DDoS) attacks, and unauthorized access. This paper presents a solution that combines Transport Layer Security (TLS) termi- nation and a Web Application Firewall (WAF) to address these security challenges. TLS termination ensures that communication between users and services remains encrypted, protecting data in transit, while the WAF offers an additional safeguard by analyzing incoming HTTP/HTTPS traffic for potential threats. The proposed architecture integrates seamlessly with Kubernetes, using automated tools for managing TLS certificates and applying WAF rules. Through performance benchmarks and security tests, this study demonstrates that the approach effectively balances robust security with low latency, making it a viable option for deployment in enterprise-grade Kubernetes environments. The results highlight the practical benefits of the solution, offering improved protection without compromising on performance.

Keywords

Kubernetes, Microservices, Ingress, TLS Termi- nation, Web Application Firewall (WAF), Security

Securing Kubernetes Ingress Traffic for Public-Facing Microservices Using TLS Termination and WAF Integration. Charan Shankar Kummarapurugu. 2020. IJIRCT, Volume 6, Issue 2. Pages 1-9. https://www.ijirct.org/viewPaper.php?paperId=2411037