The Official Sysdig Blog

Author - mateo

Kubernetes Security Guide, Chapter 3. Securing Kubernetes components: kubelet, etcd and Docker registry

By on April 24, 2018

In this chapter of the Kubernetes security guide, we are going to cover best practices related to sensitive Kubernetes components and common external resources like the Docker registry. We will learn how…

Read More →

Kubernetes Security Guide, Chapter 2: Kubernetes Security Context and Kubernetes Network Policy

By on April 4, 2018

Once you have defined Kubernetes users and services credentials and permissions, we start leveraging Kubernetes orchestration capabilities to configure security at the pod level. We will learn how to use Kubernetes Security…

Read More →

Kubernetes Security Guide, Chapter 1: Kubernetes RBAC and TLS certificates

By on April 4, 2018

RBAC security context is a fundamental part of your Kubernetes security best practices, as well as rolling out TLS certificates / PKI authentication for the core Kubernetes API server. We will learn…

Read More →

Sending Kubernetes & Docker events to Elasticsearch and Splunk using Sysdig

By on March 6, 2018

In this article we are going to see how to aggregate Kubernetes / Docker events and alerts into a centralized logs system like Elasticsearch and Splunk. Logging engines are a great companion…

Read More →

How to monitor Istio, the Kubernetes service mesh

By on February 27, 2018

In this article we are going to deploy and monitor Istio over a Kubernetes cluster. Istio is a microservice mesh platform that offers advanced routing, balancing, security and high availability features, plus…

Read More →

How to build a Kubernetes Horizontal Pod Autoscaler using custom metrics

By on February 20, 2018

The default Kubernetes Horizontal Pod Scaler (HPA) uses CPU load, in this article we will show how to configure it to pivot over any other monitoring metric implementing and extending the Kubernetes…

Read More →

How to deploy Openshift on AWS

By on January 25, 2018

In the following tutorial we will show how to quickly boot an OpenShift Origin multinode deployment on Amazon AWS using CloudFormation and Ansible. We found the reference architecture had too many additional…

Read More →

Integrating Prometheus alerts and events with Sysdig Monitor

By on December 13, 2017

Prometheus alerts: Sysdig ♥ Prometheus (part II) If you already use (or plan to use) Prometheus alerts and events for application performance monitoring in your Docker / Kubernetes containers, you can easily…

Read More →

Kubernetes Security: How to harden internal kube-system services

By on November 27, 2017

Are you looking at how to improve your Kubernetes security?. We have put together here the best practices for implementing run-time security on the kube-system components (kubelet, apiserver, scheduler, kubedns, etc) deployed…

Read More →

Sysdig Secure, Docker native run-time security

By on November 13, 2017

The veil has lifted! Sysdig Secure was officially launched last month. Now the Sysdig commercial offering includes run-time security for Docker and microservices. Natively integrated with key container orchestration technologies like Kubernetes,…

Read More →