You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I think there are too ways to deploy Falco on top of Kubernetes (deployment VS daemonset + with-RBAC VS without-RBAC + Falco slim container image VS Falco "full" container image).
Feature
I'd maintain only the daemonset solution since the driverloader should run on every node, with RBAC enabled since it is the default authorization mechanism for apps in k8s.
Furthermore, since this is not an official method to deploy Falco (kernelspace and userspace components), I think that it's better to keep it simple.
Additional context
The Falco images are going to be under review; see here for details.
/kind feature
The text was updated successfully, but these errors were encountered:
Motivation
I think there are too ways to deploy Falco on top of Kubernetes (deployment VS daemonset + with-RBAC VS without-RBAC + Falco slim container image VS Falco "full" container image).
Feature
I'd maintain only the daemonset solution since the driverloader should run on every node, with RBAC enabled since it is the default authorization mechanism for apps in k8s.
Furthermore, since this is not an official method to deploy Falco (kernelspace and userspace components), I think that it's better to keep it simple.
Additional context
The Falco images are going to be under review; see here for details.
/kind feature
The text was updated successfully, but these errors were encountered: