Operations | Monitoring | ITSM | DevOps | Cloud

August 2020

Secure and monitor your containers on Bottlerocket from AWS

Sysdig is pleased to support AWS today in their GA launch of Bottlerocket, a special-purpose operating system designed for hosting Linux containers. Orchestrated container environments run potentially hundreds of compute nodes. Operating general-purpose Linux on container hosts introduces complexity for IT teams who must patch and update packages across their clusters. Worse, features and packages that are not necessary for running containers, introduce unnecessary security exposure.

How to monitor Harbor registry with Prometheus metrics

In this blog post, we are going to explain how to monitor Harbor container registry with Prometheus metrics. Harbor is an open-source container registry, originally developed by VMware and now under the CNCF umbrella. Although many of us typically use hosted container registries such as DockerHub, Quay, ECR, GCR, or ACR, when you need a self-hosted registry, Harbor is a great choice. Harbor provides great features such as RBAC, replication, and image scanning.

What's new in Kubernetes 1.19?

Kubernetes as a project is maturing, support has been increased from nine to 12 months, and there’s a new protocol in place to ensure a steady progress on feature development. Also, many of its new features are meant to improve the quality of life of its users, like Generic ephemeral inline volumes, or the structured logging.

Sysdig 2020 Container Security Snapshot: Key image scanning and configuration insights

Today, we are excited to share our Sysdig 2020 Container Security Snapshot, which provides a sneak peak into our upcoming 2020 Container Usage Report As containers and Kubernetes adoption continue to increase, cloud teams are realizing they need to adopt a new workflow that embeds security into their DevOps processes. Secure DevOps, a variation of DevSecOps, embeds security and monitoring throughout the application lifecycle, from development through production.

Automate registry scanning with Harbor & Sysdig

Discover what registry scanning is, how it helps with shifting security left, and how you can implement it using Harbor and Sysdig. Shifting security left is all about moving security to the earliest possible moment in the development process, dramatically improving “time to fix” and security impact. In this article, we’re going to show you how to shift left with Harbor registry and Sysdig Secure.

How to monitor etcd

Learning how to monitor etcd is of vital importance when running Kubernetes in production. Monitoring etcd will let you validate that the service performs as expected, while detecting and troubleshooting issues that could take your entire infrastructure down. Keep reading to learn how you can collect the most important metrics from etcd and use them to monitor this service. etcd is a foundational component of the Kubernetes control plane.

Exporters and Target Labels

When monitoring third-party applications with Prometheus, you’ll need an exporter if the application doesn’t already expose metrics in the appropriate format. How do you find an appropriate exporter, and once you have your exporters, how should you organize your label taxonomies to reflect your infrastructure? Many applications in the systems you’re in charge of will be third-party applications, which do not natively expose Prometheus-formatted metrics.