Can Cilium Network Policy be leveraged to blacklist troublesome hosts
I have been developing a web app living in DO’s managed Kubernetes, and am researching the best way to blacklist Internet ingressed hosts that are an issue. For example, I flag a host as attempting bad authentication attempts too many times. In a VPS hosted environment I would typically do something like run a fail2ban service and let iptables block the hosts based on the fail2ban policies I enable.
In my Kubernetes environment, I have proxy protocol working well, so I can identify hosts that are an issue. What is the best way to actually block those hosts? Is this something I can leverage Cilium Network Policies for, or is there a way to interface with the host system’s iptables?
I am looking for a way I can dynamically (i.e. without a pod/svc restart) block or permit certain hosts at the network layer.
Any help is appreciated,
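For reference, this is an added example (not from the original post) of the CiliumNetworkPolicy shape that denies traffic from specific source ranges to the pods selected by a hypothetical `app: web` label; the policy name, namespace and addresses are constructed, and `ingressDeny` assumes Cilium 1.9 or later.

```yaml
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: web-ingress-blocklist    # hypothetical name
  namespace: web                 # hypothetical namespace
spec:
  endpointSelector:
    matchLabels:
      app: web                   # hypothetical pod label
  # Deny rules take precedence over allow rules, so these sources are
  # dropped no matter what the ingress section below permits.
  ingressDeny:
    - fromCIDR:
        # constructed example addresses (RFC 5737 documentation ranges)
        - 203.0.113.45/32
        - 198.51.100.0/24
  # A policy that selects an endpoint can put it into default-deny for
  # ingress, so keep an explicit allow for every other source.
  ingress:
    - fromEntities:
        - world
        - cluster
```

Editing the `fromCIDR` list and re-applying the manifest updates the datapath without restarting pods or services. Note that Cilium matches the L3 source address as the packet reaches the node, so if the load balancer rewrites the source (the reason PROXY protocol is needed to recover the client address), the policy would see the load balancer's address rather than the offending client's.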