| CPC H04L 63/0236 (2013.01) [H04L 63/0428 (2013.01)] | 20 Claims |
|
1. A computer-implemented method for securing metrics relating to a pod orchestrated by a container orchestration platform implementing a service mesh, wherein a sidecar proxy container is installed in the pod along with network routing rules to redirect application traffic via the sidecar proxy container, the metrics secured prior to transmission of the metrics to a metrics collection service, the method comprising:
receiving a secure request having an IP address of the pod;
forwarding the secure request to a container of the pod identified by the IP address;
receiving an unsecure request having the IP address of the pod;
redirecting, via the sidecar proxy container, the unsecure request to an internal router;
examining, by the internal router, content of the received unsecure request;
based on the examining, determining, by the internal router, whether the received unsecure request includes a request for metrics information;
passing, by the internal router, the received unsecure request to an original destination of the received unsecure request within the pod identified by the IP address when the received unsecure request does not include a request for metrics information; and
rejecting, by the internal router, the received unsecure request when the received unsecure request includes a request for metrics information.
|