How to prevent DDOS and encrypt communication on GCP

Question

I have made a web application (Play Framework, Cassandra) which I'll not put in production on GCP . However, I am not well versed with networking and systems administration. The application would be containerised and I'll use K8s to create a cluster containing 2 pods for Play web application and 3 pods for Cassandra (for replication). There also be a load balancer service in front of the play application.

1. I suppose the above configuration is still vulnerable to DDOS attack. How can I prevent it on GCP?
2. The communication between the browser and server is not encrypted (eg. the passwords is being sent in plain text. Could could I enable encryption on GCP?
3. Any other tips on creating a reliable production system would be much appreciated. So far I have only worked on my laptop

Answer 1

Please find the below responses

1. I suppose the above configuration is still vulnerable to DDOS attack. How can I prevent it on GCP?

https://cloud.google.com/files/GCPDDoSprotection-04122016.pdf, this can help you with DDOS protection. If you are using APIGEE, then APIGEE edge can also help you

2. The communication between the browser and server is not encrypted (eg. the passwords is being sent in plain text. Could could I enable encryption on GCP?

you will have to install certificated in general and ensure that the data is sent over a https network. You can also try sslforfree

3. Any other tips on creating a reliable production system would be much appreciated. So far I have only worked on my laptop

since you are using K8s to run cassandra please ensure you are using some sort of volumes to store the data.