The latest News and Information on Containers, Kubernetes, Docker and related technologies.
While you’re likely familiar with role-based access control, Sysdig teams introduce the concept of service-based access control. With service-based access control, administrators can define groups of users that have access to policy events, policy configuration, and scanning data limited to a service or set of services, as defined by your orchestration system (think Kubernetes, Mesos, and the like).
LogicMonitor is an agentless monitoring solution. What we really mean by “agentless” is that we don’t require an agent on every monitored server (physical or virtual). One LogicMonitor Collector - a lightweight application that takes just seconds to install - can monitor hundreds or even thousands of devices, including servers, virtual machines, network switches, storage systems, cloud resources, containers, and more.
Monitoring a Kubernetes cluster allows engineers to observe its resource utilization and take action when something goes wrong. This article explores what you should be monitoring and how to go about it with Rancher, Prometheus, and Grafana.
Darren Shepherd, Rancher co-founder and Chief Architect, describes the Kubernetes critical CVE issue he discovered, how it came to a resolution, and what it says about the Kubernetes open-source community.
Sematext provides a single pane of glass and machine learning powered alerts for logs, metrics, traces and digital user experience data. The new Sematext agent is fully Docker Engine and Kubernetes-aware. (Re)written in Go, it has a minimal memory and CPU footprint. It also collects Kubernetes metrics in the most optimal fashion possible.
One of the most common security use cases, is the ability to identify connections generated by malicious actors, or internal components connecting to suspicious servers (e.g malware C&Cs). In this post, we will show how to leverage the Falco engine, to identify connections made to IPs that were flagged by multiple security sensors, and are streamed as a feed to the Falco engine.
In the following tutorial you can learn how to implement container security as code. You probably have a CI/CD pipeline to automatically rebuild your container images. What if you could define your container security as code, push it into a Git repository to version control changes and then enforce your policy in your container orchestration tool like Docker or Kubernetes using Sysdig Secure?
Looking forward to the new Kubernetes 1.13 features? At Sysdig we follow Kubernetes development closely and here we bring you a brief intro to what’s new and features that you will find in the next version of Kubernetes. Kubernetes 1.13 will be out on December 03 2018, so here we go: What’s new in Kubernetes 1.13?