October 2021 cloud-native news

Hello from all of us at Sysdig!

It’s been a crazy month for the cloud-native community. We, at Sysdig, have been busy with the KubeCon, CloudNativeCon, and PromCon events.

Don’t miss our cloud-native highlights!

• The news
• Industry buzz
• Community tips
• What’s new with Sysdig?
• Meet us online

---

---

Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.

The news

• Falco 0.30 released.
• Kubernetes Cluster API 1.0 released and production-ready.
• Cloudflare announced R2 storage.
• GitLab goes public on Nasdaq.
• Python 3.10 released.

Industry buzz

Could AWS us-east-1 go away?

Take a look at what would happen if the biggest AWS region went down. There have been estimates that 30 percent of all Internet traffic flows through the us-east-1 (N. Virginia) region… How could this happen? What consequences would this have?

How to secure Kubernetes

Catch up with how to build a secure infrastructure in the times of infrastructure as code, from the words of Loris Degioanni (Sysdig) and Shlomi Wexler (Apolicy).

Kubernetes co-founder Interview

Don’t miss this interview with Joe Beda, Kubernetes co-founder, where he covers the origins of Kubernetes, as well as other cloud and software topics.

Cloud Native Security Survey: Kubernetes Defaults Too Open

Check out this article covering respondents to a CNCF security survey that said default settings for the Kubernetes container orchestration platform are “too open.” Here’s the report.

Community tips

Hunting down a C memory leak in a Go program

Read this amazing article from the Zendesk Engineering team, showing step by step how they used eBPF to troubleshoot a memory leak caused by Kafka events that weren’t being properly handled.

Mitigating Linux kernel memory corruption bug

Take a look at this in-depth analysis of a simple Linux kernel memory corruption bug that can lead to complete system compromise. The article also covered how to address memory corruption issues to avoid potential attacks.

Extending kubectl with plugins

Discover how to extend kubectl with plugins to add subcommands that can suit your requirements better.

Access your Kubernetes Lab through Cloudflare

Learn how to use Cloudflare Tunnel to connect your home’s Kubernetes Lab to the Cloudflare network, and then use Auditable Terminal to access it using a browser.

Monitor the network activity in Linux

Check out these 19 useful commands that can help you to monitor network activities Linux. The guide’s full of examples and also covers how to install the commands.

What’s New with Sysdig?

Entitlements and access management support for AWS

Over-permissioned accounts and roles are the most common cloud service misconfiguration security problem. It’s easy to exploit misconfigured accounts, but it’s also easy to detect these exploits.

Discover what Cloud Infrastructure Entitlements and access Management (CIEM) is, and how easy it is to implement with Sysdig Secure for cloud.

Container security best practices: Comprehensive guide

Beyond the container image itself, these 18 concrete best practices cover the full component stack used for building, distributing, and specially executing containers.

ISO 27001:2013 compliance with Sysdig Secure

Getting this certification is not trivial and requires several steps. Discover how Sysdig can save you from cost and headaches throughout the process.

Trigger a Kubernetes HPA with Prometheus metrics

Discover how easy it is to build a Kubernetes Horizontal Pod Autoscaler, triggered by metrics from Prometheus.

Monitoring a Windows Cluster with Prometheus Remote Write

Read how to use Prometheus remote write to monitor a Windows cluster, so you can monitor all your Windows infrastructure from the same dashboard.

Recent releases and ecosystem updates

Most Sysdig products received updates in the last few days: Sysdig Secure and the Sysdig Cloud Connector, Sysdig Agents, our CLI and tools, and much more. Read all about the interesting new features and ecosystem updates on our blog.

Stay safe. Meet us online: