Sysdig Monitoring & Security for Oracle Cloud - OKE and Oracle Linux

February 22, 2022 | 6 minute read
Robert Ronan
Principal Product Manager

This is a guest blog written by the Sysdig team about the Sysdig and Oracle partnership.

The Sysdig platform secures Oracle Kubernetes Engine on Oracle Cloud Infrastructure, bringing the advantages of the Sysdig platform to Oracle Cloud users. Oracle Kubernetes Engine (OKE) lets users build and manage modern containerized applications powered by Kubernetes. When OKE is paired with the Sysdig platform, Oracle Cloud users get a unified view of the risk, health, and performance of cloud-native applications running on their infrastructure.

Sysdig has now enhanced its existing Oracle relationship by joining the Oracle Partner Network. To get started with Sysdig, check out the solution on the Oracle Cloud Marketplace. You can also start a free trial in minutes – just click here. In addition to Oracle Kubernetes Engine support, Sysdig is also compatible with Oracle Linux (UEK and RHCK) and supports runtime security and host vulnerability scanning actions for your Linux workloads. Read this article to understand how to install a Sysdig host agent for your Linux hosts.

As a close ecosystem partner for Oracle, Sysdig is able to pre-test and validate its visibility, security, and forensics capabilities across multi-cloud environments. Sysdig’s unique approach to container visibility will help you address operational use cases from development to production with Kubernetes.

Visibility and Security for Oracle Kubernetes Engine users

Here are a few of the ways that Sysdig helps Oracle Cloud users operate and secure OKE clusters, containers, and Linux hosts.

Vulnerability management

Enterprises that are most successful with the transition to cloud-native bring application security closer to the developer. Sysdig enables developer teams to implement robust vulnerability management to avoid and resolve security issues before builds are completed or containers are ever deployed. This helps raise awareness of the risk and compliance status of containers in the build pipeline, stored in your container registry, and running in production. It also scans Oracle Linux images and OKE workloads running in production for vulnerabilities, providing runtime security.

Also, note that for OKE, Sysdig can scan images and registries for vulnerabilities at build time as well, and integrate with the default CI/CD tool. Below is an example of Oracle registry credentials being added into Sysdig.

Audit and compliance

Security and DevSecOps teams often struggle to manage auditing and compliance requirements in Kubernetes and container infrastructure. Sysdig helps Oracle customers navigate the complexity of container auditing and container compliance with a robust record of all activity across your hosts, containers, and microservices. In addition, we provide controls to help you automatically enforce regulatory compliance standards.

For example, Sysdig helps you run the standard Kubernetes CIS benchmarks right out of the box, and additional benchmarks, such as NIST and PCI, are continuously being added and refined.

Above you can see the PCI 3.2 benchmark running for an OKE cluster.

Kubernetes monitoring

To identify and resolve underlying problems such as slow performance, failed deployments, and connection errors, you need the ability to gather and visualize in-depth information from across your environment with full Kubernetes context.

Sysdig’s Kubernetes monitoring arms development and operations teams with the tools needed to proactively identify and resolve potential problems and issues on Oracle Kubernetes Engine. With Sysdig you can view real-time health and performance data and travel back in time to observe the state of any component of your environment.

Container runtime security

Container security is top-of-mind for any organization adopting containers and Kubernetes. Sysdig’s unique system-call-level instrumentation and runtime security help Oracle Cloud users detect, alert on, and block suspicious and unwanted activities.

Specifically, this includes unexpected outgoing connections, anomalous file access, or unauthorized process behaviors that occur in production and present a real threat to your business. Sysdig helps you capture syscalls, detect runtime threats, and be alerted to unusual or risky activities. You can thus leverage it to scan your hosts at run time on OKE.

Container troubleshooting & forensics

Being able to see the health and performance of your containers in production is critical. But, once you see a problem, then what? Most administrators have experienced the moment when you know something’s wrong, even where, but not why. Sysdig’s automated alerting and built-in system call capture capability record all of the kernel-level and OS events from the time of a system event.

These data-rich, in-context system captures provide you with all of the data you need – including system, network, application, user and file activity – to help you quickly drill down from an event or policy violation to perform container troubleshooting and container forensics investigations outside of production – even if your containers are long gone.

Oracle Database health and performance monitoring

Get started with automatic alerts, easily troubleshoot errors, and keep track of your Service Level Objectives (SLOs). Sysdig monitoring for the Oracle database helps you assess resource usage and performance, and decide what to alert on to detect issues. Read this article to understand how to set up visibility and security for your Oracle Databases leveraging Prometheus.

Application health and performance monitoring

Your application may be made up of multiple microservices, which in turn can be made up of dozens or hundreds of containers. As a result, the simple act of monitoring service response time or performance of a given container becomes challenging. Sysdig, designed for cloud-native applications, gives you the insight and control you need to dramatically simplify monitoring microservice health and performance. Full-stack telemetry including host, container, and network metrics, custom metrics like Prometheus, JMX, StatsD, and application metrics along with orchestration events, give you a 360-degree view of the health and performance of your microservices and infrastructure.

Conclusion

You can confidently ensure you are actively monitoring and secure at build time by integrating Sysdig with your default CI/CD tool.

Here are some handy links you can use to explore the Sysdig and Oracle partnership activities further:

For more information, see the Oracle Container Engine for Kubernetes documentation. If you want to experience Sysdig on Container Engine for Kubernetes for yourself, sign up for an Oracle Cloud Infrastructure account and start testing today!