Installing Falco
The Falco Project
The Falco application:
- Parses Linux kernel system calls at runtime.
- Analyzes signals using a configurable set of rules.
- Sends an alert if the rules are violated.
Warning
To use Falco, install Kyverno or another product that supports writing results to wg-policy-prototypes
Installation using Yandex Cloud Marketplace
- Go to the folder page
and select Managed Service for Kubernetes. - Click the Managed Service for Kubernetes cluster name and select the
Marketplace tab. - Under Applications available for installation, select Falco and click Use.
- Configure the application:
- Namespace: Select or create a namespace for Falco.
- Application name: Enter a name for the application.
- Click Install.
- Wait for the application to change its status to
Deployed
.
Installation using a Helm chart
-
Install Helm
v3.7.0 or higher. -
Install kubectl
and configure it to work with the created cluster. -
To install a Helm chart
with Falco, run the following command:export HELM_EXPERIMENTAL_OCI=1 && \ helm pull oci://cr.yandex/yc-marketplace/falco \ --version 2.2.5 \ --untar && \ helm install \ --namespace <namespace> \ --create-namespace \ falco ./falco