New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fission output type blog post #484
Conversation
Welcome @gauravgahlot! It looks like this is your first PR to falcosecurity/falco-website 🎉 |
/assign |
> * [Kubernetes Response Engine, Part 4 : Falcosidekick + Tekton]({{< ref "/blog/falcosidekick-reponse-engine-part-4-tekton" >}}) | ||
> * [Kubernetes Response Engine, Part 5 : Falcosidekick + Argo]({{< ref "/blog/falcosidekick-reponse-engine-part-5-argo" >}}) | ||
> * [Kubernetes Response Engine, Part 6 : Falcosidekick + Cloud Run]({{< ref "/blog/falcosidekick-reponse-engine-part-6-cloud-run" >}}) | ||
> * [Kubernetes Response Engine, Part 7: Falcosidekick + Cloud Functions]({{< ref "/blog/falcosidekick-reponse-engine-part-7-cloud-functions" >}}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
> * [Kubernetes Response Engine, Part 7: Falcosidekick + Cloud Functions]({{< ref "/blog/falcosidekick-reponse-engine-part-7-cloud-functions" >}}) | |
> * [Kubernetes Response Engine, Part 7 : Falcosidekick + Cloud Functions]({{< ref "/blog/falcosidekick-reponse-engine-part-7-cloud-functions" >}}) |
/hold We can't release this post before next version of falcosidekick |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just found some minor issues, otherwise looks good to me! 👏
|
||
### Provision local Kubernetes Cluster | ||
|
||
There are various ways to provision a local Kubernetes cluster such as, KinD, k3s, k0s, Minikube etc. We are going to |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are various ways to provision a local Kubernetes cluster such as, KinD, k3s, k0s, Minikube etc. We are going to | |
There are various ways to provision a local Kubernetes cluster such as KinD, k3s, k0s, Minikube, etc. We are going to |
The earlier posts in this series, show how to use Kubeless, Argo, Knative, and others to trigger a resource after getting input from Falcosidekick. | ||
Recently, Falcosidekick received a new output type support for [Fission](https://github.com/falcosecurity/falcosidekick/pull/255). | ||
|
||
In this blog post, we will cover using `Falcosidekick` and `Fission` to detect and delete a compromised pod in Kubernetes cluster. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In this blog post, we will cover using `Falcosidekick` and `Fission` to detect and delete a compromised pod in Kubernetes cluster. | |
In this blog post, we will cover using `Falcosidekick` and `Fission` to detect and delete a compromised pod in a Kubernetes cluster. |
|
||
The function we are going to deploy basically receives events for an infected pod from the _Falcosidekick_ and deletes it immediately. | ||
Before deploying the function we need some permissions to delete Pod. | ||
We create a `ServiceAccount` with right to delete a Pod in any namespace, and we'll associate it to our function: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We create a `ServiceAccount` with right to delete a Pod in any namespace, and we'll associate it to our function: | |
We create a `ServiceAccount` with rights to delete a Pod in any namespace, and we'll associate it to our function: |
|
||
## Conclusion | ||
|
||
With this really simple example, we got another way to create a Response Engine with amazing pieces of software from Open Source world. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With this really simple example, we got another way to create a Response Engine with amazing pieces of software from Open Source world. | |
With this really simple example, we got another way to create a Response Engine with amazing pieces of software from the Open Source world. |
@@ -0,0 +1,505 @@ | |||
--- | |||
title: "Kubernetes Response Engine, Part 8: Falcosidekick + Fission" | |||
date: 2021-07-22 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please update the date to a more recent one (after release of 2.24.0 of falcosidekick)
7b6a2cb
to
3d2955b
Compare
058bb15
to
9f8e288
Compare
@@ -0,0 +1,505 @@ | |||
--- | |||
title: "Kubernetes Response Engine, Part 8: Falcosidekick + Fission" | |||
date: 2021-08-19 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
date: 2021-08-19 | |
date: 2021-08-29 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
please update the date of the post
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@@ -0,0 +1,505 @@ | |||
--- | |||
title: "Kubernetes Response Engine, Part 8: Falcosidekick + Fission" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
title: "Kubernetes Response Engine, Part 8: Falcosidekick + Fission" | |
title: "Kubernetes Response Engine, Part 9: Falcosidekick + Fission" |
title: "Kubernetes Response Engine, Part 8: Falcosidekick + Fission" | ||
date: 2021-08-29 | ||
author: Gaurav Gahlot | ||
slug: falcosidekick-reponse-engine-part-8-fission |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
slug: falcosidekick-reponse-engine-part-8-fission | |
slug: falcosidekick-reponse-engine-part-9-fission |
> * [Kubernetes Response Engine, Part 4 : Falcosidekick + Tekton]({{< ref "/blog/falcosidekick-reponse-engine-part-4-tekton" >}}) | ||
> * [Kubernetes Response Engine, Part 5 : Falcosidekick + Argo]({{< ref "/blog/falcosidekick-reponse-engine-part-5-argo" >}}) | ||
> * [Kubernetes Response Engine, Part 6 : Falcosidekick + Cloud Run]({{< ref "/blog/falcosidekick-reponse-engine-part-6-cloud-run" >}}) | ||
> * [Kubernetes Response Engine, Part 7 : Falcosidekick + Cloud Functions]({{< ref "/blog/falcosidekick-reponse-engine-part-7-cloud-functions" >}}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you add the part 8 with Flux v2 please
LGTM label has been added. Git tree hash: afecdf26c827d0758c39d0463e6455e97c5b444e
|
efb82a9
to
472f9ba
Compare
Needs a rebase after #492 is merged. |
Signed-off-by: Gaurav Gahlot <gauravgahlot0107@gmail.com>
Signed-off-by: Gaurav Gahlot <gauravgahlot0107@gmail.com>
Signed-off-by: Gaurav Gahlot <gauravgahlot0107@gmail.com>
Signed-off-by: Gaurav Gahlot <gauravgahlot0107@gmail.com>
Signed-off-by: Gaurav Gahlot <gauravgahlot0107@gmail.com>
Signed-off-by: Gaurav Gahlot <gauravgahlot0107@gmail.com>
472f9ba
to
df940ab
Compare
/lgtm |
LGTM label has been added. Git tree hash: ebfc731b5af7fbbdef0318e5c26dbfb0018c92c5
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: danpopSD, gauravgahlot, leogr The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/hold cancel |
Signed-off-by: Gaurav Gahlot gauravgahlot0107@gmail.com
What type of PR is this?
/kind content
Any specific area of the project related to this PR?
/area blog