networkhell

> Does it work if you override with `os_mnt_boot_src` `UUID=780690c3-3687-439c-a61d-6a97dfaee640`? Yes it works with that override but I think the default behaviour is quite dangerous. Maybe it would be a...

Same issue here using fluent operator - liveness probe workaround not possible due to distroless images.

@joseeetm thanks for the hint. Unfortunately I am using the fluent-operator which has currently no support for a custom liveness probe.

Thanks for the hint how to workaround this. In the meantime I shifted my application credentials from helm values to a secret deployed with a ClusterResoureSet. But it may be...

Thanks for getting back to me @incertum! As soon as I am running falco 0.38.0 I never get these k8s.* fields populated. Always N/A... while the container fields are always...

@incertum thank you for  your efforts regarding this issue 🙂 Let me provide some information that may help you with your design discussion: Kubernetes deprecated docker as container runtime as...

@incertum I had the chance to test the current master / main images just now. But unfortunately the problem is **not** solved. Additions to Falco config: `container_engines: docker: enabled: false...

Hi @FedeDP @incertum, I tested just now with the suggested version and the results are not promising... Full falco config: ``` base_syscalls: custom_set: [] repair: false buffered_outputs: false container_engines: docker:...

Hi @leogr, > Was it a short-lived container? 🤔 I tested this with one of the falco containers itself. I guess the pods uptime was something between 3 and 10...

> Hey @networkhell have you considered using the [k8s-metacollector](https://github.com/falcosecurity/k8s-metacollector) for Kubernetes metadata? @alacuku not yet - could it help to populate basic fields coming from the runtime such as container_name...