This work addresses the high response latency of traditional Kubernetes autoscaling mechanisms and their inability to distinguish between legitimate traffic bursts and DDoS attacks, which compromises both system availability and security. The authors propose a novel approach that integrates predictive autoscaling with eBPF-based kernel-level security policies to enable traffic-aware scaling decisions and Layer 7 isolation directly at the network layer. This is the first framework to combine predictive machine learning models with eBPF-driven network policies, extending Kubernetes’ Horizontal Pod Autoscaler (HPA) for coordinated optimization. Experimental results demonstrate that, compared to conventional reactive autoscaling, the proposed method reduces timeout errors by 32% under bursty traffic while ensuring immediate network convergence and secure isolation for newly scheduled pods.

Achieving high availability and robust security in Kubernetes requires more than reactive scaling and standard perimeter firewalls. Traditional autoscalers, such as HPA, often fail to react quickly to traffic spikes and cannot distinguish between legitimate flash crowds and DDoS attacks. We present an open-source toolchain to provide a traffic-aware autoscaling approach that utilizes an eBPF-based networking layer to enforce security policies at the kernel level while orchestrating scaling decisions based on predictive models. Our results demonstrate that the predictive approach reduces timeout errors by 32% during sudden traffic surges compared to standard reactive scaling, while ensuring immediate network convergence and layer 7 security isolation for newly scaled pods.