The latest News and Information on Containers, Kubernetes, Docker and related technologies.
Yesterday, my morning started much like most Tuesday mornings do for me... my kids (6 and 4) were up way too early again at around 6am! Both were demanding I play with them before they head to school. I did my usual and said "give me five minutes" as I tried to wake up after another night of going to sleep after midnight... one day I should really learn to go to bed earlier, now that I have kids! But this morning was different. I started to wake from my dazed state and reached for my phone.
We recently released the automated Falco rule tuning feature in Sysdig Secure. Out-of-the-box security rules are a double-edged sword. On one side, they allow you to get started right away. On the other, it can take many working hours to learn the technology, configuration, and syntax to be able to customize the rules to fit your applications. Falco’s default security rules are no different.
In a recent post by ZDI, researchers found an out-of-bounds access flaw (CVE-2021-31440) in the Linux kernel’s (5.11.15) implementation of the eBPF code verifier: an incorrect register bounds calculation occurs while checking unsigned 32-bit instructions in an eBPF program. The flaw can be leveraged to escalate privileges and execute arbitrary code in the context of the kernel.
Kubernetes just turned 7 years old, and over the last couple of years, it has risen in popularity to be the key platform for microservices management consistently. The ecosystem around it is also growing rapidly.
Nowadays APIs are the de facto method of communication between services. With all the connections points, setting up environments to efficiently build and test can be difficult. Also, in lower environments, 3rd party APIs can be unreliable, incorrect or non-existent.
Docker containers have revolutionized the cloud industry. While Docker containers already present remarkable benefits and plus-points over other virtualization methods, there are significant performance gains that developers can further squeeze out of Docker to get the most out of the technology. This guide will cover different methods of optimizing Docker performance and answer some frequently asked questions about the technology.