You're reading from Kubernetes and Docker - An Enterprise Guide Effectively containerize applications, integrate enterprise systems, and scale applications in your enterprise

Product type Paperback

Published in Nov 2020

Publisher Packt

ISBN-13 9781839213403

Length 526 pages

Edition 1st Edition

Tools

Docker

Concepts

Cloud Computing

Authors (2):

Marc Boorshtein

Scott Surovich

View More author details

Table of Contents (20) Chapters

Preface

1. Section 1: Docker and Container Fundamentals

2. Chapter 1: Docker and Container Essentials FREE CHAPTER

3. Chapter 2: Working with Docker Data

4. Chapter 3: Understanding Docker Networking

5. Section 2: Creating Kubernetes Development Clusters, Understanding objects, and Exposing Services

6. Chapter 4: Deploying Kubernetes Using KinD

7. Chapter 5: Kubernetes Bootcamp

8. Chapter 6: Services, Load Balancing, and External DNS

9. Section 3: Running Kubernetes in the Enterprise

10. Chapter 7: Integrating Authentication into Your Cluster

11. Chapter 8: RBAC Policies and Auditing

12. Chapter 9: Deploying a Secured Kubernetes Dashboard

13. Chapter 10: Creating PodSecurityPolicies

14. Chapter 11: Extending Security Using Open Policy Agent

15. Chapter 12: Auditing using Falco and EFK

16. Chapter 13: Backing Up Workloads

17. Chapter 14: Provisioning a Platform

18. Assessments

19. Other Books You May Enjoy

Leave a review - let other readers know what you think

Falco kernel module

Falco deploys a kernel module to monitor system calls on the host system. Since kernel modules must be compatible with the host kernel, you need to have a module that works with the worker node's host operating system.

Falco attempts to load or create a module in a few different ways:

If there is a pre-built module available for the hosts kernel, Falco will download and use the module automatically.
If no pre-built module exists for the worker node's kernel, Falco will attempt to build a module using any installed kernel-headers from the host.

At the time of writing, Falco offers an early-access alternative method for Falco probes, where they are created using a utility called driverkit. This new utility automates the creation of a new probe based on the kernel information of the host machine. The process of creating a probe using driverkit will be covered in detail since we will use it to create a Falco probe for our KinD cluster...