April has been a busy month in the cloud-native community. A new Kubernetes has been released, and KubeCon and PromCom are almost here. Don’t miss our cloud-native highlights!
Sign up for our monthly Cloud-native News.
Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.
The news
- Grafana, Loki, and Tempo are being relicensed to AGPLv3.
- Netflix open-sourced a control plane for AWS permissions and accesses.
- Google Cloud opened a new region in Warsaw, Poland.
- Amazon DynamoDB supports audit logging using CloudTrail.
- HashiCorp Terraform 0.15 has been released.
- Amazon introduced OpenSearch, a fork for ElasticSearch and Kibana.
Kubernetes 1.21 released
One of the biggest things to roll out in April was the release of Kubernetes 1.21. Two of the most important highlights for this release were the introduction of suspended jobs and the PodSecurityPolicy deprecation.
Read all the enhancements and changes in our article on what’s new in Kubernetes 1.21.
Industry buzz
How companies use Kubernetes
Discover how, although DevOps teams normally prefer to use managed Kubernetes services, in smaller-scale situations, Kubernetes can be also convenient and easy to manage.
Understand the attack surface of storage services
Learn how to protect your storage services with this tour through the different threat stages, based on the MITRE ATT&CK® framework.
Defending your clusters
Keep the bad guys out of your containers with this Kubernetes security guide that goes from the kernel to the cluster configuration.
ARM in the cloud
Read this interesting story about early adopters of EC2 instances running AWS Graviton processors, based on the Arm 64-bit architecture.
Community tips
Vulnerabilities on Windows Server containers
Read how this author found several privilege escalations vulnerabilities on Windows Server Containers.
Kubernetes on baremetal, from scratch
Learn how to set up Kubernetes in your own baremetal with this complete guide, containing network tips, MetalLB, HA Proxy, and more.
Monitoring Kubernetes traffic with Falco
Discover how to use Falco to monitor outbound traffic for Pods in Kubernetes with this awesome guide, full of examples.
Keyloggers on your EC2 instance
Dig into how a keylogger could be set in your unix machine (e.g., one of your EC2 instances) and discover how you could protect from attacks like it.
Enjoy upgrading Kubernetes
Read this inspiring story about how a massive upgrade from Kubernetes 1.16 to 1.19 was a pure pleasure!
Comparing Kubernetes microservice mesh solutions
Take a look at this comparison between Istio, Linkerd, and Consul.
Fun and useful Google Cloud cheat sheets
Sometimes a picture is worth a thousand words. Check out these five useful cheat sheets for Google Cloud Platform.
What’s New with Sysdig?
Detecting exploits of ld.so.preload
It’s easy to hide malicious processes so they don’t appear in ps or top. Check out how to unveil them using Falco.
Key metrics when monitoring Amazon RDS
Learn how to monitor Amazon RDS with Prometheus and discover the top five key metrics you need to look at.
Mitigating CVE-2021-20291
Understand how CVE-2021-20291 works, what parts of Kubernetes are affected, and how to mitigate it.
Recent releases and ecosystem updates
Most Sysdig products received updates in the last few days: Sysdig Secure and the Sysdig Cloud Connector, Sysdig Monitor, Sysdig Agents, our CLI and tools, and much more. Read all about the interesting new features and ecosystem updates on our blog.
Stay safe. Meet us online:
Preparing for the
Certified K8s Security Specialist (CKS) Exam
May 20 | 9am Pacific | 12pm Eastern
