Kubernetes Deployment

Target

Install now

Kubernetes Deployment

Target

Install now

Kubernetes Deployment

Target

Install now

Kubernetes Deployment

Target

Install now

Go back to list

Discovery of Kubernetes Deyployments

Kubernetes API Server

Our agent is able to communicate directly with the Kubernetes API Server to get more details about containers and pods. This optional feature can be given to the agents when deploying the DaemonSet by setting up a ServiceAccount and limit the access by using a RBAC Authorization.

Additional information is provided by `

Deployments
ReplicaSets
StatefulSets
DaemonSets

Our central platform prepares this additional information and uses it to identify new potential targets. Thus it is possible to attack a dedicated Kubernetes Deployment or to cause failures in a ReplicaSet.

Statistics

-Stars

deployment rollout status

Check the rollout status of the deployment. The check succeeds when no rollout is pending, i.e., kubectl rollout status exits with status code 0.

Check

Kubernetes deployments

Pod Count

Verifies Kubernetes pod counts

Check

Kubernetes deployments

rollout restart deployment

execute a rollout restart for a Kubernetes deployment

Attack

Kubernetes deployments

Scale Deployment

Up-/Downscale a Kubernetes Deployment

Attack

Kubernetes deployments

Recommended Advice (4 of 15)

See all

Image Pull Policy Set To Always

Ensure that your containers are always running the identical latest container image.

Kubernetes daemonsets

Kubernetes deployments

Kubernetes statefulsets

Image Version Explicitly Configured

Validates usage of explicit image versioning and avoids latest-tags.

Kubernetes deployments

Limit CPU Resources

Validates that your Kubernetes resources have a CPU limit configured.

Kubernetes daemonsets

Kubernetes deployments

Kubernetes statefulsets

Limit Ephemeral Storage Resources

Validates that your Kubernetes resources have a ephemeral storage limit configured.

Kubernetes daemonsets

Kubernetes deployments

Kubernetes statefulsets

Useful Recipes (4 of 18)

See all

Verify system unavailability status during Redis latency

Verify that an increased latency in a Redis cache is handled by your application properly by having increased processing time but still being able to maintain the throughput.

Containers

Datadog monitors

Kubernetes deployments

Verify system unavailability status during Redis downtime

Check that your application handles a Redis cache downtime gracefully and continues to deliver its intended functionality. The cache downtime may be an unavailable Redis instance or a complete cluster.

Containers

Datadog monitors

Kubernetes deployments

Verify system unavailability status when Microsoft SQL Server database can't be reached

An unavailable Microsoft SQL Server database might be too severe for suitable fallbacks and requires your system to indicate unavailability appropriately.

Kubernetes deployments

Containers