With the 2.0 release of Sysdig Secure, we’re excited to support new integrations with services Azure provides around containers and Kubernetes. Today we’ll be diving deeper into how to integrate Sysdig Secure with ACR (Azure Container Registry) to scan images for for security, compliance, and reliability.
Moving to a Docker-based cloud for Java apps orchestrated by Mesos Marathon required a different approach to monitoring and security for Quby, the Amsterdam-based developer of smart home solutions and maker of smart thermostat and service platform ‘Toon.’ That’s when they found Sysdig. The Sysdig Cloud-Native Intelligence Platform helps Quby resolve issues faster, and reduces monitoring system administration effort by 400%.
A complete ‘Kubernertes monitoring with Prometheus’ stack is comprised of much more than Prometheus servers that collect metrics by scraping endpoints. To deploy a real Kubernetes and microservices monitoring solution, you need many other supporting components including rules and alerts (AlertManager), a graphics visualization layer (Grafana), long term metrics storage, as well as extra metrics adapters for the software that is not compatible out of the box.
Prometheus monitoring is fast becoming one of the Docker and Kubernetes monitoring tool to use. This guide explains how to implement Kubernetes monitoring with Prometheus. You will learn how to deploy Prometheus server, metrics exporters, setup kube-state-metrics, pull, scrape and collect metrics, configure alerts with Alertmanager and dashboards with Grafana.
Amazon Elastic Container Service for Kubernetes (Amazon EKS) provides Kubernetes as a managed service on AWS. It helps make it easier to deploy, manage and scale containerized applications on Kubernetes. Sysdig cloud-native intelligence solutions – Sysdig Monitor, and Sysdig Secure – provide Amazon EKS monitoring and security from a single agent and unified platform. Sysdig helps AWS customers see more, secure more, and save time in troubleshooting deployed microservices.
In this article we will cover Docker image scanning with open source container security / image scanning tools. We will explain how to to deploy and setup Docker image scanning: both on private Docker repositories, and as a CI/CD pipeline validation step. We will also explore ways of integrating image scanning with CI/CD tools like Jenkins, Kubernetes runtime configuration features and runtime security tools like Falco.
Container security is top-of-mind for any organization adopting Docker and Kubernetes, and this open source security guide is a comprehensive resource for anyone who wants to learn how to implement a complete open source container security stack for Docker and Kubernetes.
So, you want to implement run-time security in your Kubernetes cluster? If you are looking for an open-source tool, obviously Sysdig Falco is the way to go :). You can install Falco as a daemonSet, but as we wanted to make things even easier and natively integrated, we have packaged Falco as a Helm chart, the Kubernetes package manager.
How to ensure visibility into your next-generation Kubernetes environment. Having assisted hundreds of enterprises in developing a new visibility strategy as they move to Kubernetes, I’ve learned a few things about how organizations learn, evolve and adopt a new method of application observability. Open source is usually essential to developing this understanding.
