...
Issues resulting from third-party tools, such as antivirus and intrusion detection software, interfering with ContainerD or other necessary system calls are deemed resolved should disabling such tools restore functionality.Also, having Antivirus software running in the nodes can result in poor performance. Some antivirus software may continue to impact even if all paths our products rely on are excluded. Whilst performing scanning and inspection of files, disk I/O and CPU usage can increase, thus slowing our product performance. In some cases, this reduction in performance can be dramatic and can even render our products impossible to use.
| Info |
|---|
The key challenge remains balancing comprehensive security with minimal performance overhead. Whitelisting critical paths and understanding container runtime interactions becomes crucial. Administrators must carefully configure security agents to prevent unnecessary scanning of system-critical directories, which can cause significant resource contention and potentially destabilize cluster operations:
|
Lastly, where a customer environment has deviated from our supported configurations, we always reserve the right to recommend the customer to revert to a supported configuration to resolve the reported issueis running additional 3rd party software please increase the system resources to account for overhead.