Ever wished you could monitor your AWS load balancer logs in real-time? AWS ELB access logs are packed with security gold, but they're usually just sitting in S3 as static files. Let's fix that with a falco-plugin-aws-elb! What is Falco 🦅?What are Falco Plugins?The ProblemSolutionExample RuleQuick StartWhy Rust 🦀?Available FieldsConclusion What is Falco 🦅? Falco… Continue reading Built a Falco Plugin for AWS ELB Access Logs
On June 16, 2025, I gave a Lightning Talk at KubeCon + CloudNativeCon Japan 2025. The title of my talk was: “From Kernel To Kubernetes: Mapping eBPF-Detected Processes To Pods!” In this session, I explored how Tetragon connects the Linux kernel to Kubernetes by enriching eBPF-detected process data with Kubernetes metadata. You can check out… Continue reading From Kernel to Kubernetes: KubeCon + CloudNativeCon Japan 2025
In my previous post, I described setting up my Tetragon development environment on macOS. Following that, I dove into the Tetragon documentation to start learning the ropes! However, I encountered issues with certain commands not working due to differences in Docker image versions and the ARM CPU. To resolve this, I submitted a few pull… Continue reading First Contribution to the Tetragon Project
As I sit down to write my 20th blog post on this December night, I find myself marveling at the journey I've embarked upon since May 24, when I started this blog. Surprisingly, the pace has been faster than I initially anticipated. What used to take me several hours per post in the beginning has… Continue reading Reflecting on My 2023 Journey
S3 event-driven workflow Use an Amazon S3 trigger in k8s Invoking AWS lambda functions using the Amazon S3 trigger is a very famous system design pattern on AWS. It can save compute resources and costs. However, once you decide to use k8s as a platform, you may hesitate to use Function as a Service for… Continue reading Use an AWS S3 trigger in k8s with Argo Events
A simple workflow with Argo Workflows Container-native Workflow engine Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. It's been used for many use cases, such as Machine Learning pipelines, Infrastructure automation, and CI/CD. In this article, I will explain how to install it via Helm and create a… Continue reading Install Argo Workflows via Helm and Create a simple workflow
The simple workflow with Argo Events Event-driven workflow in Kubernetes Argo Events is an event-driven workflow automation framework for Kubernetes which helps you trigger K8s objects, Argo Workflows, Serverless workloads, etc. With Argo Events, we can trigger workflow such as CI/CD pipeline and ETL pipeline using some kinds of events sources. In this article, I… Continue reading Install Argo Events via Helm and Create a simple event-driven workflow
Encrypt and Decrypt with Sealed Secret Problems of Secrets in GitOps Kubernetes stores secrets as base64-encoded strings in manifests, so we shouldn't store secrets' manifests in a Git repository. That means we cannot practice GitOps for secrets. Sealed Secrets can solve this problem using encryption! In this article, I will explain how to install Sealed… Continue reading Install Sealed Secrets via Helm
CI/CD pipeline architecture Make CI/CD process more efficient In my previous post, I explained how to install ArgoCD Image Updater(AIU). Now, let's leverage AIU to make CI/CD process more efficient by automating of update image tag! 🐙 PreparationCreate Application with KustomizeCreate a manifest of DeploymentCreate kustomization.yamlCreate a manifest for ApplicationPush manifests to the GitHub repositoryCheck… Continue reading Automate image tag update with ArgoCD Image Updater
ArgoCD Image Updater allocation ArgoCD Image Updater ArgoCD image updater can automate the updating of image tags in manifests. It will make your CI/CD process more efficient! In this article, I will explain how to install ArgoCD Image Updater via ArgoCD using ArgoCD's Declarative Setup. 🐙 PreparationAdd argo's chart repositoryCheck ArgoCD's namespaceInstall ArgoCD Image UpdaterCheck… Continue reading Install ArgoCD Image Updater via ArgoCD declaratively
Yuki Nakamura's Blog 