Falco watches the kernel and detects anomalous behaviour without instrumenting apps. When it makes sense, how to integrate it, where ops hurts.
Read moreFalco: Runtime Threat Detection with eBPF
Tag: kubernetes
Docker Swarm in 2023: When It Still Makes Sense
Kubernetes won the battle but Docker Swarm remains active and useful for specific cases. When to choose Swarm without feeling dated.
Read moreFlux CD vs ArgoCD: Which to Choose for Your Platform
Flux and ArgoCD are the two mature GitOps options. Practical comparison of philosophy, features, and when each fits better.
Read moreGitOps With ArgoCD: From Hype to Stable Production
ArgoCD has consolidated GitOps as the standard deploy practice in Kubernetes. How to use it well and what mistakes to avoid in production.
Read moreService Mesh in 2023: Istio, Linkerd, and the Cilium Option
A service mesh offers cross-cutting mTLS, observability, and traffic management. A comparison among Istio, Linkerd, and Cilium for real cases.
Read morecontainerd: The Runtime Underpinning Kubernetes
containerd runs the containers in most modern Kubernetes clusters, and almost nobody notices. A technical read of its architecture, its relationship with Docker, and what changed after dockershim was removed.
Read moreKubernetes 1.27: The Changes That Matter to Operators
K8s 1.27 stabilises SeccompDefault, removes deprecated features, and improves the scheduler. What to watch when upgrading.
Read moreCilium and the Future of Container Networking with eBPF
Cilium replaces iptables with kernel eBPF programs, radically changing Kubernetes networking performance and capabilities.
Read moreKubernetes 1.28: Sidecar Containers as First-Class Citizens
K8s 1.28 introduces native sidecars in alpha. What changes, how it affects service mesh and observability, and how to prepare for GA.
Read morePixie: Native Kubernetes Observability Powered by eBPF
Pixie uses eBPF to auto-instrument Kubernetes clusters without code changes. A practical guide and comparison with Prometheus + Grafana.
Read more