June 2021 cloud-native news

Hello from all of us at Sysdig!

Summer is almost here, but we know that’s not going to stop your craving for news. Don’t miss our cloud-native highlights!

• The news
• Industry buzz
• Community tips
• What’s new with Sysdig?
• Meet us online

---

---

Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.

The news

• Terraform 1.0 is now generally available.
• Google introduced the Open Source Insights Project.
• New Azure Region in Arizona, and AWS Region in Beijing.
• KubeCon + CloudNativeCon Europe 2021 transparency report available.
• CKA, CKAD, and CKS exams now include an exam simulator.

Industry buzz

eBPF for cloud network infrastructure insight

Learn how Netflix uses eBPF for ingesting and enriching billions of TCP flow logs to provide visibility into their cloud ecosystem.

Securing accesses to cloud accounts

Read how Segment’s security team federated their cloud access with Okta to get a single place to manage which users have access to certain roles and applications.

NCSC Asset management guidance

Check out the UK’s National Cyber Security Centre guidance developing an asset management process that supports cybersecurity.

Linkerd vs. Istio performance

Take a look at this benchmark comparison between the two leading service-mesh solutions for Kubernetes.

Community tips

Choosing the best autoscaling strategy

Learn how to size your cluster nodes, configure the Horizontal and Cluster Autoscaler, and overprovision your cluster for faster scaling.

Publish to ECR securely

Discover how to use Github Actions to securely publish your images to Amazon ECR, without writing credentials for one system stored on another platform. It also comes with the configuration to try it!

Tips for using Docker Compose in production

Ready to start with containers but don’t need all the features in Kubernetes? Check out these best-practice patterns for using Docker and Docker Compose in production.

Kubernetes Audit Logs as a Falco source

Don’t miss this awesome guide to detect intrusions that happened in your Kubernetes cluster through audit logs by using Falco.

Cluster NodeJS library in containers

Read how the cluster library for Node.js uses the number of CPU cores in the host to spawn processes, and how using it in a containerized application can lead to dozens of unexpected replicas of your application.

Using machine learning to reduce Amazon RDS cost

Take a look at this example of how to automatically optimize RDS PostgreSQL configuration files by using machine learning to improve performance and reduce costs by 50 percent. Also, don’t miss our top 10 metrics for monitoring PostgreSQL on RDS.

What’s New with Sysdig?

New! Host scanning in Sysdig Secure

Our newest release of Sysdig Secure consolidates vulnerability scanning for containers and hosts in a single workflow, so you can fix vulnerabilities faster. And it’s so simple to deploy that you’ll be scanning images and hosts in just seconds. See it in action in our demo vídeo.

Software is not perfect, and its flaws can often be exploited to compromise your infrastructure. Discover these ten tips on how to tame the vulnerability beast.

Related: Sysdig Secure can help you implement File Integrity Monitoring for both containers and Linux hosts.

Rightsizing Kubernetes resource limits

Learn how to set the right Kubernetes resource limits: from detecting the containers without any limit to finding the right Kubernetes resource limits you should set in your cluster.

Automated Falco rule tuning

Discover how this new feature will help your team get better security insights while reducing the noise and helping avoid alert fatigue.

Recent releases and ecosystem updates

Most Sysdig products received updates in the last few days: Sysdig Secure and the Sysdig Cloud Connector, Sysdig Monitor, Sysdig Agents, our CLI and tools, and much more. Read all about the interesting new features and ecosystem updates on our blog.

Stay safe. Meet us online: