-
Notifications
You must be signed in to change notification settings - Fork 336
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Test KubeArmor on AWS (EKS) #58
Comments
AWS EKS uses Amazon Linux 2 as an OS image, there are no other options. The kernel version is 4.14 by default, and we can upgrade to 5.4. BUT, Amazon Linux 2 does not support AppArmor. They suggest using SELinux. ref. https://forums.aws.amazon.com/thread.jspa?threadID=320641 |
5.10 lts kernel should be supported soon (they tend to follow lts versions). I think there will be a problem with EKS Fargate since it's a very locked down microVM running a sidecar that runs eBPF will be impossible. One thing that could be used is ptrace, like Falco, to bypass the limitations. |
Interesting point. However, at this juncture, our aim is to get it working for vanilla EKS (not fargate). Fargate will be a different challenge for the reasons you mentioned. |
Check if the KubeArmor can work on AWS k8s engines.
Check if anyone can deploy KubeArmor based on the document
The text was updated successfully, but these errors were encountered: