Daily Kubernetes news, events, jobs, podcast and more

Spotlight

Debdut Chakraborty

This article explains:

why Kubernetes operator status conditions should be the single source of truth,
how phase should be derived from conditions via declarative rules,
and introduces a Go library for doing this with an interactive browser demo.

Extending EKS with Hybrid Nodes: IAM Roles Anywhere and HashiCorp Vault
This tutorial teaches how to extend EKS with hybrid nodes using IAM Roles Anywhere and HashiCorp Vault for secure authentication of on-premises or edge workloads.
A Step-by-Step Guide to Securing Observability Pipelines Using Vector by Datadog
DV Engineering
This tutorial teaches how to collect Prometheus metrics from Kubernetes clusters and securely route them to remote Prometheus instances using Vector with mTLS encryption.
The Missing Layers in Your Kubernetes Operator
Ægir Máni Hauksson
This article explains that Kubernetes operators become hard to maintain without explicit component and resource-primitive layers between the controller and raw objects.

Tools and utilities

KubeVPN: Kubernetes VPN
KubeVPN is a tool that seamlessly connects to your Kubernetes cluster network, allowing you to access cluster resources from your local machine.
Awesome Kubernetes Architecture Diagrams
This repo contains 20+ tools that auto-generate Kubernetes architecture diagrams from manifests, Helm charts, or cluster state.
G-Kubie
Kubie is a tool that provides an alternative to kubectx, kubens, and the k on prompt modification script, offering context switching, namespace switching, and prompt customization.
hanoi-cli
hanoi-cli analyzes pod distribution across nodes, detects CPU/memory hotspots, generates safe redistribution plans, and simulates node failures — all without touching the cluster.
Node Address Labeler for Kubernetes Nodes
node-address-labeler is a controller that watches a node's interface and dynamically labels Kubernetes nodes with node.ip/<ip> based on real-time interface changes.

Events starting soon

Learn from production

Migrating legacy PHP monolith apps on Drupal 8 to Kubernetes
Alexey Demyanov
This case study shows how Palark migrated high-traffic Drupal 8 monoliths to Kubernetes to improve resilience, autoscaling, deployment automation, and DDoS handling while reducing infrastructure waste.
How we found 7 TiB of memory just sitting around
This blog post tells how the Render team:
- tracked down Kubernetes memory waste caused by many daemonset namespace watches,
- fixed config issues,
- and freed over 7 TiB of memory across clusters by reducing unnecessary listwatch overhead.
Tracing large job failures to serial console bottlenecks from oom events
Jack Lindamood
This case study shows how OOM Killer terminated a critical network daemon on Kubernetes nodes, causing a network outage.
It covers debugging via serial console and implementing memory reservations to prevent system-critical process termination.
Three Weeks in the Trenches: Hunting a 4GB Native Memory Leak That .NET Couldn’t See
Kalyan Josyula
This case study shows how a team traced repeated pod OOM kills in ASP.NET Core to native memory growth from zombie SignalR connections, glibc fragmentation, and kernel socket buffers.

Matching jobs

- Software Engineer with Commvault
- Salary: $47.97K to $2.64L a year
- Location: based in the office in Bangalore, IN
- Tech stack: Kubernetes, Docker, C++, C#, Java, Javascript
- DevOps Engineer with Alchemy
- Salary: $90 to $539K a year
- Location: based in the office in San Francisco, CA, USA
- Tech stack: Kubernetes, AWS, GCP, Helm, ArgoCD, Terraform, Grafana, Prometheus, Istio
- DevOps Engineer with Alchemy
- Salary: $36K to $225.5K a year
- Location: based in the office in Bucharest, RO
- Tech stack: Kubernetes, AWS, Azure, Bare-metal, GCP, Helm, ArgoCD, Cloudformation, Pulumi, Terraform
- DevOps Engineer with Derex Technologies Inc
- Salary: $90 to $484K a year
- Location: based in the office in IL, USA
- Tech stack: Kubernetes, AWS, Python, Cloudformation, Terraform
- DevOps Engineer with Enpal
- Salary: US$135K to US$272.8K a year
- Location: based in the office (and remote from home) in Berlin, DE
- Tech stack: Kubernetes, Azure, Docker, Terraform, Azure DevOps, Datadog

Build something

Securing an inference service with Authorino
Juanma Barea Martinez
This tutorial teaches how to secure LLM inference services on Kubernetes using Authorino and Envoy for authentication and authorization.
Signed, Sealed, and Admitted
Matt Brown
This tutorial teaches how to implement container image signature verification in Kubernetes using Cosign for signing, Kyverno for policy enforcement, and Sigstore Policy Controller for admission control.
Securing East-West Traffic with GKE Internal Gateway
Blake Gillman
This tutorial shows how to secure east-west traffic in GKE using an Internal Regional Gateway with Envoy proxies, certificates, HTTP Routes with path rewriting, and a zero-trust architecture for service-to-service communication.
Enforcing Signed Container Images in Kubernetes Using Cosign & Kyverno
Hansaka Biyon
This tutorial teaches how to enforce signed container images in Kubernetes using Cosign for signing, Harbor for storage, and Kyverno admission controller for verification, including custom CA trust configuration and CI/CD integration patterns.