Friday night Meetup, pizzas and refreshments with Kubernetes experts in town for FOSS Asia.
Lightning Talk: Unleashing the power of Kubectl - Suraj Narwade (Red Hat)
Talk 1: Beyond Syscalls: Event Abnormality Detection with Falco - Michael Ducy (Sysdig)
Talk 2: Kubernetes Ingress: What, How & Caveats - Vincent De Smet (SWAT)
Unleashing the power of Kubectl
Do you use kubectl ? How efficiently you use kubernetes? In this talk, I will give you a tour of some of the most powerful, interesting and lesser-known features of kubernetes command line i.e kubectl. While preparing for CKA (Certified Kubernetes Administrator), I found some of the commands very interesting and worth to share with wider audience. This will not just unleash the power but, these tricks will help audience to learn new things about kubectl which will improve their productivity with kubectl.
Beyond Syscalls: Event Abnormality Detection with Falco
In any Cloud Native architecture there’s a seemingly endless stream of events that happen at each layer. These events can be used to detect abnormal activity and possible security incidents, as well as providing an audit trail of activity. In this talk we’ll cover how we extended Falco to ingest events beyond just host system calls, such as Kubernetes audit events or even application level events. We will also show how to create Falco rules to detect behaviors in these new event streams. We show how we implemented Kubernetes audit events in Falco, and how to configure the event stream. Finally, we will cover how to create additional event streams leveraging the generic implementation Falco provides. Attendees will gain deep understanding of Falco’s architecture, and how it custom Falco for additional events sources.
Kubernetes Ingress: What, How & Caveats
What is Kubernetes Ingress? What flavours are available? how do these make our life easier and what are the benefits of one versus the other? How about observability they provide and what are some of the caveats we have to watch out for? As we've been experimenting with several different set ups both at Swat and at previous startup(s), mostly from a functionality and operational perspective (less focus on performance benchmarks in this talk). In this talk we'd like to share our experience and also our thoughts on how we see this evolving.