Kubernetes is one of the most common open-source container orchestration systems. Despite its widespread support by Google and Cloud Native Computing Foundation, it still faces many security problems. We present in this work a new Kubernetes monitoring agent with its extractors and customized rules that collect important metrics from cluster nodes. These metrics can be used later to train machine learning models to detect unusual activities on nodes. Our experiments which were conducted on a real production Kubernetes environment and collected 24 metrics in a reasonable time show that the proposed agent can stream a real-time dataset that can feed a machine learning model working in parallel with the Kubernetes cluster.
Дарвиш Г. (науч. рук. Воробьева А.А.) A new monitoring agent in the Kubernetes environment for security purposes // Сборник тезисов докладов конгресса молодых ученых. Электронное издание. – СПб: Университет ИТМО, [2023]. URL: https://kmu.itmo.ru/digests/article/9729