MENU

Fun & Interesting

KubeArmor Deep Dive: Securing Kubernetes with eBPF & LSM

Is it Observable 591 6 months ago
Video Not Working? Fix It Now

In this episode, we'll cover everything you need to know about KubeArmor, from project overview to policy configuration and observability. We'll explain how KubeArmor leverages Linux Security Modules (LSMs) like AppArmor, SELinux, and BPF-LSM to secure your cluster, enforce policies, and provide deep observability. You'll learn in this episode: - An introduction to the KubeArmor project - How to configure KubeArmor policies, host policies, and cluster-wide policies - Ways to extend your observability with KubeArmor - Real-time event collection for process, file, network, and capability events - Practical examples of KubeArmor events like process, network, and file operations - Configuring KubeArmor for better performance and event visibility 📖 Chapters 📖 ----------------------------- 00:00 Welcome 01:20 Introduction to KubeArmor 07:16 Explaining the KubeArmor Policies 12:41 Observability with KubeArmor 17:55 Conclusion ----------------------------- 🔗 Useful links GitHub tutorial: https://dt-url.net/hs03ubs Blog post on KubeArmor: https://isitobservable.io/observability/kubernetes/kubearmor-deep-dive-securing-kubernetes-with-ebpf-and-lsm KubeArmor website: https://kubearmor.io/ Kubearmor policy template: https://github.com/kubearmor/policy-templates Kubearmor OTel adapter: https://github.com/kubearmor/otel-adapter Kubearmor Sidekick: https://github.com/kubearmor/sidekick Kubearmor Exporter : https://github.com/kubearmor/kubearmor-prometheus-exporter Dynatrace Trial: https://bit.ly/3KxWDvY 🔬 Want to learn more about tools that the cloud-native pros use? Check out the full list of my favorites over here on this YouTube playlist: https://www.youtube.com/playlist?list=PL6VBQyIvTlRjAMeeZN5yfD07X8DdYonnI Check out ALL my observability secrets, tips, and tricks in my blog: https://isitobservable.io/ 👉✅ Stay connected with me! Twitter: https://twitter.com/IsitObservable LinkedIn: https://www.linkedin.com/company/isitobservable IsItObservable is powered by Dynatrace’s own developer relations team. Subscribe to get observability reviews, tips and tricks, and tutorials tested by cloud-native experts. I review, test, and share results to help you succeed with platform engineering and observability.

Comment
Ads video related