We migrated all of our services to Kubernetes about six months ago. At first glance, the task seemed quite simple: deploy a cluster, write application specifications, and that’s it. But, since we’re obsessed with stability, we nevertheless had to learn how k8s works under pressure, so we tested multiple failure scenarios. Most of the questions that arose were network related. One particular point of concern was how Kubernetes Services function.

Monitoring a Kubernetes cluster allows engineers to observe its resource utilization and take action when something goes wrong. This article explores what you should be monitoring and how to go about it with Rancher, Prometheus, and Grafana.

Darren Shepherd, Rancher co-founder and Chief Architect, describes the Kubernetes critical CVE issue he discovered, how it came to a resolution, and what it says about the Kubernetes open-source community.

One of the most common security use cases, is the ability to identify connections generated by malicious actors, or internal components connecting to suspicious servers (e.g malware C&Cs). In this post, we will show how to leverage the Falco engine, to identify connections made to IPs that were flagged by multiple security sensors, and are streamed as a feed to the Falco engine.

In the following tutorial you can learn how to implement container security as code. You probably have a CI/CD pipeline to automatically rebuild your container images. What if you could define your container security as code, push it into a Git repository to version control changes and then enforce your policy in your container orchestration tool like Docker or Kubernetes using Sysdig Secure?

Looking forward to the new Kubernetes 1.13 features? At Sysdig we follow Kubernetes development closely and here we bring you a brief intro to what’s new and features that you will find in the next version of Kubernetes. Kubernetes 1.13 will be out on December 03 2018, so here we go: What’s new in Kubernetes 1.13?

In this tutorial, we will walk through using Rancher to deploy and scale Jenkins on top of Kubernetes. By following steps from this article, you will create a fully functional installation of Jenkins with a master-agent architecture that we use to test real build jobs.

Before the release of Java 9 and 10, there were several limitations to deploying and monitoring Java in Docker. This post explores how the latest versions of Java address the most common of these limitations, and includes examples of how to make the most of monitoring Java in Docker.

With the new ZenPack for Kubernetes containers, Zenoss adds tremendous value to clients by integrating the monitoring of multicloud environments leveraging Kubernetes technology with any IT infrastructure an organization may use — no matter where that infrastructure is located or how it is hosted.

Since the inception of Falco, we’ve seen users write custom rules covering a number of different use cases. Because Falco is behavioral monitoring with a syntax that leverages system calls, you can write a rule for just about anything: opening a file, becoming root, or making a network connection.