Mitigate http/2 attacks by authenticated clients

[enj]

golang/net@b225e7c does not sufficiently protect us from a malicious http/2 client. #121120 handles unauthenticated clients. This issue tracks mitigations for authenticated clients.

pprof svg from a single client with a single connection attempting to DOS a Kube API server that has max streams set to 100 (memory usage grew to 5 GB in a few mins before it stabilized - with multiple connections the API server would have easily OOM'd):

xref: golang/go#63417 (comment)

[liggitt]

/sig api-machinery

[k8s-ci-robot]

@liggitt: The label(s) sig/networking cannot be applied, because the repository doesn't have them.

In response to this:

/sig api-machinery networking

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[liggitt]

/sig network

[enj]

/milestone v1.29