DEV Community

Cover image for Monitor DigitalOcean Managed Kubernetes cluster with Falco
Bervianto Leo Pratama
Bervianto Leo Pratama

Posted on

Monitor DigitalOcean Managed Kubernetes cluster with Falco

Hi, everyone!

I'm joining DigitalOcean Kubernetes Challenge. The topic that I pick about "Deploy a security and compliance system". It's great!

Prerequisite tools:

  • kubectl. Documentation about installation is here.
  • doctl. Documentation about installation is here.
  • helm. Documentation about installation is here.

Main step

  • Make sure you are already installed kubectl, doctl and helm.
  • Setup and create the DigitalOcean Managed Kubernetes cluster, if you didn't create if before. Want to know more? Visit the documentation here.
  • Install Falco to kubernetes cluster. This is unusual step, since usually we install Falco in different machine to avoid interruption when the kubernetes cluster is compromised. To install to a machine, you can see here. To install within kubernetes cluster, we can see this document, this is the step that we will use and we will use helm.

Setup and Create DigitalOcean Managed Kubernetes cluster

I have video about setup and create DigitalOcean Managed Kubernetes cluster. After that, we setup kubectl to connect with the cluster.

Step by step summary:

  • Install kubectl
  • Install doctl
  • Create DigitalOcean Managed Kubernetes cluster through the web interface
  • Connectl kubectl to the created cluster using doctl

Setup Falco to kubernetes cluster

Step summary:

  • Install falco using helm
  • Check the cluster, should have pods with name falco and have running status.

Try Falco and check the logs

  • I try to deploy nginx just as other pods. You can see here. The deployment file that I use and give name deployment.yml:
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.14.2
        ports:
        - containerPort: 80
Enter fullscreen mode Exit fullscreen mode
  • Deploy the nginx, kubectl apply -f deployment.yml.

  • Monitor logs the Falco pods.

Pods

Sample logs

Here is the video sample:

Thank you

Thank you. Hope you enjoy it! Any comments or suggestions? Feel free to comment below.

Thank you

Top comments (0)