You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Motivation
The bottlerocket OS has two containerd runtime with different sock file, one for k8s, one for host-containers(management), currently only the k8s containerd is monitored, but we need falco to monitor another containerd.
And also in some scenarios, like Docker in Docker, the CI pod would host another docker daemon for build purpose.
Feature
Support multiple container runtime in one node.
Alternatives
None.
Additional context
Bottlerocket uses host containers(exclude from the k8s containerd, called host-containerd) to run ssh server (admin-container) and aws ssm. And these host containers should be monitored because of all the privileges that host containers have can access the k8s pods.
The text was updated successfully, but these errors were encountered:
Motivation
The bottlerocket OS has two containerd runtime with different sock file, one for k8s, one for host-containers(management), currently only the k8s containerd is monitored, but we need falco to monitor another containerd.
And also in some scenarios, like Docker in Docker, the CI pod would host another docker daemon for build purpose.
Feature
Support multiple container runtime in one node.
Alternatives
None.
Additional context
Bottlerocket uses host containers(exclude from the k8s containerd, called host-containerd) to run ssh server (admin-container) and aws ssm. And these host containers should be monitored because of all the privileges that host containers have can access the k8s pods.
The text was updated successfully, but these errors were encountered: